[gptalk] Re: Password policy

  • From: "Harry Singh" <hboogz@xxxxxxxxx>
  • To: gptalk@xxxxxxxxxxxxx
  • Date: Wed, 16 Jul 2008 11:08:46 -0400

Thanks for the info Jamie.


On Wed, Jul 16, 2008 at 10:38 AM, Nelson, Jamie <Jamie.Nelson@xxxxxxx>
wrote:

>  See the following post I made a while back, regarding deployment of the
> GPP CSE as well as a handful of useful links.
>
> http://www.freelists.org/archives/gptalk/06-2008/msg00111.html
>
> GPP will work fine on a Windows 2003 domain, provided you have at least one
> Windows 2008 member server or Vista SP1 workstation to create/edit policy
> on.
>
> Regards,
> Jamie
>
>  ------------------------------
> *From:* gptalk-bounce@xxxxxxxxxxxxx [mailto:gptalk-bounce@xxxxxxxxxxxxx] *On
> Behalf Of *Harry Singh
> *Sent:* Wednesday, July 16, 2008 9:33 AM
>
> *To:* gptalk@xxxxxxxxxxxxx
> *Subject:* [gptalk] Re: Password policy
>
>  really ? could you point in the direction as to where i could find more
> info on how to get this done ? FYI,  have a Windows 2003 domain.
>
>
> On Wed, Jul 16, 2008 at 10:29 AM, Nelson, Jamie <Jamie.Nelson@xxxxxxx>
> wrote:
>
>>  Are you talking about changing the local admin password? That can be
>> done with the GPP extensions now, just so you know. No scripting required!
>>
>>  ------------------------------
>>  *From:* gptalk-bounce@xxxxxxxxxxxxx [mailto:gptalk-bounce@xxxxxxxxxxxxx]
>> *On Behalf Of *Harry Singh
>> *Sent:* Wednesday, July 16, 2008 9:27 AM
>>
>> *To:* gptalk@xxxxxxxxxxxxx
>> *Subject:* [gptalk] Re: Password policy
>>
>>   Thanks Darren.
>>
>> I fully understand now.
>>
>> One of items i'm currently researching is how to change the local admin
>> accounts for computers orginization-wide. I've seen some scripts that would
>> accomplish this but still haven't tested anything just yet.
>>
>>
>>
>> On Wed, Jul 16, 2008 at 10:14 AM, Darren Mar-Elia <darren@xxxxxxxxxx>
>> wrote:
>>
>>>  It does. That is what I'm saying. Local user accounts on local machines
>>> will be use the account policy that is dictated by the domain policy, unless
>>> you block it.
>>>
>>>
>>>
>>> Darren
>>>
>>>
>>>
>>> *From:* gptalk-bounce@xxxxxxxxxxxxx [mailto:gptalk-bounce@xxxxxxxxxxxxx]
>>> *On Behalf Of *Harry Singh
>>> *Sent:* Wednesday, July 16, 2008 7:09 AM
>>> *To:* gptalk@xxxxxxxxxxxxx
>>> *Subject:* [gptalk] Re: Password policy
>>>
>>>
>>>
>>> Thanks Darren.
>>>
>>> The way i was reading it before lead me to belive that the domain policy
>>> affects the user accounts on the local machines.
>>>
>>> On Wed, Jul 16, 2008 at 10:04 AM, Darren Mar-Elia <darren@xxxxxxxxxx>
>>> wrote:
>>>
>>> What happens is that, since the policy is linked to the domain, all
>>> computer accounts will process it. This means that the domain policy will
>>> override the local policy on those computers just like it would for any
>>> other setting. You can, of course, set Block Inheritance on any OU that you
>>> don't wish to have receive that policy.
>>>
>>>
>>> Darren
>>>
>>>
>>>
>>> *From:* gptalk-bounce@xxxxxxxxxxxxx [mailto:gptalk-bounce@xxxxxxxxxxxxx]
>>> *On Behalf Of *Harry Singh
>>> *Sent:* Wednesday, July 16, 2008 6:53 AM
>>> *To:* gptalk@xxxxxxxxxxxxx
>>> *Subject:* [gptalk] Re: Password policy
>>>
>>>
>>>
>>> I was hoping to get some clarity on this-- by setting a domain policy
>>> accounts on the local machine get affected ? Or the domain passwd policy
>>> overwrites any passwd policy set locally on a machine ?
>>>
>>> On Wed, Jul 16, 2008 at 9:47 AM, Darren Mar-Elia <darren@xxxxxxxxxx>
>>> wrote:
>>>
>>> Dave-
>>>
>>> Yes, it will.
>>>
>>>
>>>
>>> Darren
>>>
>>>
>>>
>>> *From:* gptalk-bounce@xxxxxxxxxxxxx [mailto:gptalk-bounce@xxxxxxxxxxxxx]
>>> *On Behalf Of *Dave Palombi
>>> *Sent:* Wednesday, July 16, 2008 6:00 AM
>>> *To:* gptalk@xxxxxxxxxxxxx
>>> *Subject:* [gptalk] Password policy
>>>
>>>
>>>
>>> Hey guys,
>>>
>>> I just implemented a password policy for our domain.  With this affect
>>> local computer accounts as well?  I do know that domain policies super seed
>>> local computer polices.
>>>
>>> Thanks,
>>>
>>> Dave
>>>
>>>
>>>
>>>
>>>
>>
>> *
>> ------------------------------
>> *
>>
>> *Confidentiality Warning:* This message and any attachments are intended
>> only for the use of the intended recipient(s), are confidential, and may be
>> privileged. If you are not the intended recipient, you are hereby notified
>> that any review, retransmission, conversion to hard copy, copying,
>> circulation or other use of all or any portion of this message and any
>> attachments is strictly prohibited. If you are not the intended recipient,
>> please notify the sender immediately by return e-mail, and delete this
>> message and any attachments from your system.
>>
>>
>

Other related posts: