I set up a password policy in Active directory. Our domain is native 2012 r2 functional level.
I can assign users to the policy under the "Directly Applies TO" section.
However, I cannot apply it to a group. I get an error that the group object cannot be found even though it does. When I enter a partial name, it only lists user objects even though user and group objects are both checked. I have tried from the root of the directory as well as the container that the group is located in.
Has anyone else seen this behavior and know what the fix is?