Comments on: Fine-Grained Password Policy in Active Directory //www.tech-coffee.net/fine-grained-password-policy-active-directory/ Wed, 31 Mar 2021 08:32:29 +0000 hourly 1 https://wordpress.org/?v=5.2.11 By: Myles //www.tech-coffee.net/fine-grained-password-policy-active-directory/#comment-3736 Wed, 31 Mar 2021 08:32:29 +0000 //www.tech-coffee.net/?p=664#comment-3736 You might want to try reading what you have written as the quality of the english is poor.

]]>
By: Shareef //www.tech-coffee.net/fine-grained-password-policy-active-directory/#comment-3710 Fri, 18 Sep 2020 16:03:39 +0000 //www.tech-coffee.net/?p=664#comment-3710 Stuff is Great

]]>
By: Mukhtar //www.tech-coffee.net/fine-grained-password-policy-active-directory/#comment-3709 Fri, 18 Sep 2020 16:00:33 +0000 //www.tech-coffee.net/?p=664#comment-3709 Good article about Fine grained Password policy. In Detailed explanation with screen shots .Thank you Romain Serre for posting this article

]]>
By: Wim Rijksen //www.tech-coffee.net/fine-grained-password-policy-active-directory/#comment-3686 Thu, 16 Apr 2020 14:45:30 +0000 //www.tech-coffee.net/?p=664#comment-3686 Hi! Thank you for this very helpful piece.
However, I found an error in the section “Remove default password policy on Active Directory”.
You write: Open Software Settings, Windows Settings, Security Settings, Account Policies and Password Policies.
But it should be: Open Computer Configuration, Policies, Windows Settings, Security Settings, Account Policies and Password Policies.
The screenshot you added is correct but the text is not.
Thank you, bye!

]]>
By: Steve Poirier //www.tech-coffee.net/fine-grained-password-policy-active-directory/#comment-3662 Fri, 17 Jan 2020 16:08:34 +0000 //www.tech-coffee.net/?p=664#comment-3662 We have a Default Domain Policy that manage password rules. We also create a Fine-Grained Password Policy in Active Directory for a selected group. The policy work fine but if we run a gpresult /r for one of the selected user with the fine grain policy we get the Default Domain Policy Filtering: Denied (Security).

Is this a normal behavior? Also, does all other policy push by the Default Domain Policy should be apply if we add a Fine grain Policy?

]]>
By: Romain Serre //www.tech-coffee.net/fine-grained-password-policy-active-directory/#comment-3505 Fri, 15 Mar 2019 08:12:04 +0000 //www.tech-coffee.net/?p=664#comment-3505 Yes you’re right. It what I mean

]]>
By: Jerome Cherry //www.tech-coffee.net/fine-grained-password-policy-active-directory/#comment-3502 Tue, 12 Mar 2019 19:17:18 +0000 //www.tech-coffee.net/?p=664#comment-3502 A sentence may have an error:

When PSO is applied on some users, there are no longer using password policy from Default Policy Settings GPO. Instead they use the PSO settings.

Do you mean: “…they are no longer using passwored policy from Default Policy Settings GPO”?

Thanks for your information. I am studying network securiy in college.

]]>
By: Romain Serre //www.tech-coffee.net/fine-grained-password-policy-active-directory/#comment-3420 Fri, 09 Nov 2018 12:10:03 +0000 //www.tech-coffee.net/?p=664#comment-3420 Hey,

The policy will be applied the next time they change password. But you can enforce to ask to change password immediately to all domain users.

]]>
By: sometechstuff //www.tech-coffee.net/fine-grained-password-policy-active-directory/#comment-3417 Tue, 06 Nov 2018 20:15:39 +0000 //www.tech-coffee.net/?p=664#comment-3417 If I add a password policy, where there was none, will it affect users “immediately” or only the next time they try to change their password. For example, a user has a 6 character password and we implement a minimum of 8 characters. We would like it not to affect users right away, but rather we will tell users to change their passwords, and at that time, follow the new password policy. Thanks

]]>
By: Romain Serre //www.tech-coffee.net/fine-grained-password-policy-active-directory/#comment-3175 Fri, 09 Feb 2018 09:06:52 +0000 //www.tech-coffee.net/?p=664#comment-3175 Yes indeed. If you apply the FGPP to a user, the policy follow the user and FGPP policy has priority against default domain policy.

]]>