Solved

fine grain policy and password expiration warning

Posted on 2014-03-05
4
1,313 Views
Last Modified: 2014-03-21
We have a fine grain password policy implemented in our domain (require password change every 90 days), That's working fine but now we need to inform users x days out that their password is going to expire.

If we set the domain GPO
interactive logon: Prompt user to change password before expiration
for 10 days will it see the expiration day in the fine grain password policy and inform users 10 days out that their password is going to expire? Or does this setting only work for the default domain password policy? If this setting does not work with fine grain password policy what options do we have for informing the users that their password is going to expire?
0
Comment
Question by:iamuser
4 Comments
 
LVL 53

Expert Comment

by:McKnife
ID: 39908770
Should work with PSO ("fine-grained..."), too. Please take a test account, a test PSO and try it out.
0
 
LVL 18

Expert Comment

by:sarang_tinguria
ID: 39911258
I saw all the attribute of PSO again but could not find similar that will remind that speicific FGPP user hence the GPO configured in Domain policy should work to FGPP users too
0
 
LVL 4

Expert Comment

by:michaelalphi
ID: 39911724
Hi Iamuser,
You can have check this password expiration reminder software which would be a good choice for you. By using this software, users will get notification through customized emails before their password is about to expire in X days.
0
 
LVL 35

Accepted Solution

by:
Mahesh earned 500 total points
ID: 39911930
Though you are using FGPP, the password is stored in active directory only

Now if you set GPO to prompt users for password expiration, it must apply to FGPP also as long as it is storing password in active directory

Mahesh
0

Join & Write a Comment

Sometimes drives fill up and we don't know why.  If you don't understand the best way to use the tools available, you may end up being stumped as to why your drive says it's not full when you have no space left!  Here's how you can find out...
In this article, we will see the basic design consideration while designing a Multi-tenant web application in a simple manner. Though, many frameworks are available in the market to develop a multi - tenant application, but do they provide data, cod…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now