That is great thanks. Dave On Thu, Apr 17, 2008 at 5:25 PM, Cruz, Jerome L <jerome.l.cruz@xxxxxxxxxx> wrote: > From a Domain perspective, password policy settings essentially apply the > new settings when the passwords are "changed". For example, say you have a > "Maximum password age" set to 90 days (3 months). You then enable the > "Password must meet complexity requirements" setting. At that point all > users "changing" passwords will have to use complex password as the > passwords are cycled for each user over the next 3 months. It'll take three > months to apply. Also, your user account (usually service accounts) which > may never expire will never be switched to using a complex password. > > > > We have over 150,000+ users and made a similar switch recently. No issues. > All End User accounts are now switched and did so a bit at a time daily as > they expired. > > > > Jerry > > > > *From:* gptalk-bounce@xxxxxxxxxxxxx [mailto:gptalk-bounce@xxxxxxxxxxxxx] *On > Behalf Of *Dave Palombi > *Sent:* Thursday, April 17, 2008 1:26 PM > *To:* gptalk@xxxxxxxxxxxxx > *Subject:* [gptalk] Re: Password Policy > > > > What would happen if I changed the policy? Would users be asked to change > their passwords right away? > > Dave > > On Thu, Apr 17, 2008 at 3:18 PM, Dave Palombi <dave.palombi@xxxxxxxxx> > wrote: > > Darren, > > Thanks for the info. We are trying to migrate certain sections with > different password policy's until everyone has been done then one big policy > at the end. How would I be able to achive this. > > Dave > > > > On Thu, Apr 17, 2008 at 3:14 PM, Darren Mar-Elia <darren@xxxxxxxxxx> > wrote: > > Dave- > > Are you trying to apply password policy to a domain user or a local user > account on a workstation or member server? Password policy, as you've > noticed, does not apply to users. IT applies only to computers where the > accounts reside. In the case of domain user accounts (i.e. held in AD), you > can only set one password policy for a given domain and that must be in a > GPO linked at the domain level. For local user accounts—those housed on > member servers and workstations, you have to make sure that the GPO is > linked to those containers where those computers reside, not the users. > > > > Darren > > > > > > *From:* gptalk-bounce@xxxxxxxxxxxxx [mailto:gptalk-bounce@xxxxxxxxxxxxx] *On > Behalf Of *Dave Palombi > *Sent:* Thursday, April 17, 2008 12:08 PM > *To:* gptalk@xxxxxxxxxxxxx > *Subject:* [gptalk] Password Policy > > > > Hello, > > I have a question about implementing a password policy. I am trying to > implement a password policy and it works but it is not being applied to the > user. All settings are with in the computer settings. When I do a > gpresult, the policy shows under not applied section and this it says > filtering: not applied (empty) > > Your thoughts. > > Dave > > > > >