Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

fine grain policy and password expiration warning

Posted on 2014-03-05
4
Medium Priority
?
1,777 Views
Last Modified: 2014-03-21
We have a fine grain password policy implemented in our domain (require password change every 90 days), That's working fine but now we need to inform users x days out that their password is going to expire.

If we set the domain GPO
interactive logon: Prompt user to change password before expiration
for 10 days will it see the expiration day in the fine grain password policy and inform users 10 days out that their password is going to expire? Or does this setting only work for the default domain password policy? If this setting does not work with fine grain password policy what options do we have for informing the users that their password is going to expire?
0
Comment
Question by:iamuser
4 Comments
 
LVL 58

Expert Comment

by:McKnife
ID: 39908770
Should work with PSO ("fine-grained..."), too. Please take a test account, a test PSO and try it out.
0
 
LVL 18

Expert Comment

by:Sarang Tinguria
ID: 39911258
I saw all the attribute of PSO again but could not find similar that will remind that speicific FGPP user hence the GPO configured in Domain policy should work to FGPP users too
0
 
LVL 4

Expert Comment

by:michaelalphi
ID: 39911724
Hi Iamuser,
You can have check this password expiration reminder software which would be a good choice for you. By using this software, users will get notification through customized emails before their password is about to expire in X days.
0
 
LVL 39

Accepted Solution

by:
Mahesh earned 2000 total points
ID: 39911930
Though you are using FGPP, the password is stored in active directory only

Now if you set GPO to prompt users for password expiration, it must apply to FGPP also as long as it is storing password in active directory

Mahesh
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

After seeing many questions for JRNL_WRAP_ERROR for replication failure, I thought it would be useful to write this article.
A bad practice commonly found during an account life cycle is to set its password to an initial, insecure password. The Password Reset Tool was developed to make the password reset process easier and more secure.
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…
This tutorial will walk an individual through the steps necessary to install and configure the Windows Server Backup Utility. Directly connect an external storage device such as a USB drive, or CD\DVD burner: If the device is a USB drive, ensure i…
Suggested Courses

571 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question