Subscribe to Windows IT Pro
June 06, 2007 12:00 AM

Setting Different Password Policies for Different Groups

Editors
Windows IT Pro
InstantDoc ID #96235
Rating: (2)

Q: Help! I'm trying to set up a password policy with Group Policy. I'd like to use a new Group Policy Object (GPO) linked to the domain level. Do I have to use Authenticated Users?. If so, can I deny access to users or groups so they can't read the policy? We have a manufacturing enviroment with a lot of computers on the plant floor that use autologon to log on to the domain. I'd like to exclude those machines if possible. Is there any way to apply a password policy to only the office computers?

A: Security expert Orin Thomas says, "The default domain password policy applies to all regardless of scope. You could achieve what you want by creating a child domain and moving the plant floor computers to the child domain. Separate domains are the only way to set multiple password policies."

Related Content:

ARTICLE TOOLS

Comments
Add A Comment
  • Christan
    4 years ago
    Feb 15, 2008

    Testing Security Pro VIP

  • ANTHONY
    5 years ago
    Jun 06, 2007

    Alternatively, you could purchase a third-party application, for example, Special Operations Password Policy and assign different password policies without requiring a separate domain.

You must log on before posting a comment.

Are you a new visitor? Register Here

advertisement

advertisement

Dev Pro Left-Brain SharePoint Pro SQL Server Pro SuperSite for Windows Windows IT Pro

© 2012 Penton Media, Inc.

Home About Us Advertise Customer Service Privacy Statement Subscribe/Renew Terms Of Use

Windows is a trademark of the Microsoft group of companies. Windows IT Pro is used by Penton Media Inc. under license from owner.