Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Focus-Microsoft
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Group Policy: multiple password policies in the same domain?

from [Derick Anderson] Network Security [Permanent Link]
Subject: RE: Group Policy: multiple password policies in the same domain?
Date: Wed, 31 Aug 2005 10:25:01 -0400 
As I feared.

Thanks,

Derick


-----Original Message-----
From: Depp, Dennis M. [mailto:deppdm@ornl.gov] 
Sent: Wednesday, August 31, 2005 10:18 AM
To: Derick Anderson; focus-ms@securityfocus.com
Subject: RE: Group Policy: multiple password policies in the 
same domain?

There can be only one password policy for the domain.  

Dennis 

-----Original Message-----
From: Derick Anderson [mailto:danderson@vikus.com]
Sent: Wednesday, August 31, 2005 7:32 AM
To: focus-ms@securityfocus.com
Subject: Group Policy: multiple password policies in the same domain?

I'm trying to lock down some domain "service" accounts 
(backup, Exchange, SQL Server, Scheduled Tasks, etc.) where I 
work. We're an application service provider (web-based) and 
we have only one domain at the moment (sigh), shared by our 
production servers (big sigh) on the same physical network 
(very big sigh). Our web application must run as a domain 
account (throws up hands in exasperation).

Splitting the domain into production and non-production is in 
the works but will realistically be at least a couple months 
away. In the mean time I'm trying to enforce stronger 
passwords for service accounts like those I mentioned above 
but I'm having problems using Group Policy to specify that 
service accounts have a certain password policy while regular 
users have another. I believe the problem is that password 
policies are computer based instead of user based, so I can't 
specify that specific users have one set of password policies 
while others have a different one.

Would applying the policy to a specific set of computers 
affect only the local accounts on those computers, or the 
entire domain? My theory is that only the password policy on 
the domain controllers would affect domain passwords, but I'd 
love to hear differently.

Any help would be appreciated.

Thanks,

Derick Anderson

--------------------------------------------------------------
----------
---
--------------------------------------------------------------
----------
---




---------------------------------------------------------------------------
---------------------------------------------------------------------------
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: Group Policy: multiple password policies in the same domain?, Depp, Dennis M.
Next by Date:  RE: Group Policy: multiple password policies in the same domain?, Delgado, Jacob M.
Previous by Thread:  RE: Group Policy: multiple password policies in the same domain?, Depp, Dennis M.
Next by Thread:  RE: Group Policy: multiple password policies in the same domain?, Delgado, Jacob M.
Indexes:  [Date] [Thread] [Top] [All Lists]