Comments on: Windows Server 2008: Fine-grained password policies

By: Michael Pietroforte

Michael Pietroforte — Sun, 24 May 2009 10:09:07 +0000

Yes, the domain functional level has to be Windows Server 2008. Please, check out my latest article about this topic.

By: S

Mon, 18 May 2009 16:06:15 +0000

Hi,

Does anyone know if the fine-grained PW policy can be used while running server 2008 at 2003 domain functional level?

I remember reading somewhere that you could but just wanted some confirmation from anyone that may have tried and tested it?

By: Michael

Michael — Mon, 28 Apr 2008 18:43:49 +0000

James, I must admit I never tried it myself, but I read numerous articles claiming that these settings cannot be assigned to OUs, but only for the whole domain. Read Technet article. Here is an example.

By: James M

James M — Sun, 27 Apr 2008 14:04:16 +0000

Just an FYI, it is possible to have different password policies in a windows 2000/2003 domain. In windows 2000/2003, each OU can be assigned a unique group policy that overrides the default domain password policies. The group policy administration snap-in makes this easy to do and does not require ADSIedit.

By: Free UI Console for Fine-Grained Password Policies « Dmitry’s PowerBlog

Tue, 19 Jun 2007 15:49:08 +0000

[...] and love to create graphical user interface for fine-grained password policies (see overviews in 4sysops and Ulf’s blog) in my Windows 2008 lab. And here’s the result (click to see it full [...]

By: Manage Fine-Grained Password Policies with PowerShell « Dmitry’s PowerBlog

Mon, 18 Jun 2007 12:14:50 +0000

[...] can find pretty good write-ups about the feature and using ADSIedit to manage it at 4sysops and Ulf’s blog. However, as Richard pointed recently, using PowerShell to manage them is so [...]