Fine Grained Password Policy

HI experts,

I have successfully created the PSO and applied to myself (for testing). It is restricting me to create a 8 characters password with complexity. Its working fine.

However if I applied the PSO to a group (a security group only contain myself and one other staff) then the policy doesn't work. I have run gpupdate /force everything I made change ensuring it refresh the policy.

I will appreciate if anyone to shed some light? What am I missing here?

We are a 2008 domain (NOT R2 as one of DCs is not running R2). Domain and Forest level had been raised.

Thank you.
LVL 23
ormerodrutterAsked:
Who is Participating?
 
Cliff GaliherConnect With a Mentor Commented:
The security group MUST be a global security group. Not a distribution group or universal security group or any other variant, just an odd quirk of fine grained policy processing,
0
 
ormerodrutterAuthor Commented:
So in general I have to create a new Global Security group and add ALL users to the group? Don't think Global group allow group nesting?
0
 
Cliff GaliherCommented:
Correct.
0
 
ormerodrutterAuthor Commented:
Thanks for your solution - spot on!!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.