Mark Minasi's Tech Forum
Register Calendar Latest Topics Chat
 
 
 


Reply
  Author   Comment  
rcamoore3

Still Checking the Forum Out
Registered:
Posts: 6
Reply with quote  #1 
We've always had a single domain-wide password policy. Now, for one reason or another, we need to have one group with a slightly different policy than everyone else. Since I haven't done this before, I'm not quite certain how to proceed.

Do I leave the domain-wide policy in place and just add another policy and apply it to the group in question? Do I need to do anything else, like make it so members of that small group can't read the domain-wide policy? Or do I need to eliminate the domain-wide policy and implement two policies, one on the small group and one on a group that includes everyone else?

Thanks for any input,
Rob
0
wkasdo

Avatar / Picture

Administrator
Registered:
Posts: 183
Reply with quote  #2 
> Do I leave the domain-wide policy in place and just add another policy and apply it to the group in question?

Yep. That's it. FGGP takes precedence over the Domain Policy. Your group must be of type Domain Global.

__________________
[MSFT]; Blog: https://blogs.technet.microsoft.com/389thoughts/
0
rcamoore3

Still Checking the Forum Out
Registered:
Posts: 6
Reply with quote  #3 
Thanks for the answer! I'll do it today!

Rob
0
Previous Topic | Next Topic
Print
Reply

Quick Navigation: