Configuring different password policies on Windows Server 2008 domains
Recently I found out that there was no way to implement different password policies on domains running on Windows Server 2003. It didnt sound right to me, why I cannot keep different password complexity, for example, in different OUs for different users?
You can actually link to separate OUs with different policies with different values on passwords options, but theyll be ignored by Default Domain Policy.
It seems that there’s a way to accomplish this (not an easy way, but anyhow) running domains with Windows Server 2008 and of course in the highest domain functional level.
The tools involved: GPMC (included with Windows Server 2008) and ADSI Edit.
Here’s the solution:
Categories: Windows Server 2008