Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations gkittelson on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Group Policy issue - password enforcement

Status
Not open for further replies.
disturbedone

disturbedone

Vendor
Sep 28, 2006
781
AU
I am attempting to apply a new GPO for a new password policy. This is part of a process of moving to W7. DCs are W2K8R2.

I have a new OU structure specifically for this. The (simplified) structure is:
Code: 
domain.local
  EXIST
    USERS
    COMPUTERS
  NEW
    USERS
    COMPUTERS

There is a GPO at the domain.local level which looks like the default policy. This is not set to 'enforce' so it shouldn't affect the EXIST or NEW OUs. As it is, both the EXIST and NEW OUs have 'block inheritance' enabled. Another GPO is on the EXIST OU which is basically the same but has min length and min age slightly different and has no lockout setting - I believe this is the one in effect.

I've created a new GPO with much better settings and applied it to the domain.local/NEW/WORKSTATIONS OU as password policies are computer based not user. I have a test W7 computer in that OU but I can still change my password to things that don't meet the policy requirements. I have run gpupdate /force several times but it doesn't make a difference.

I've always had problems with the Group Policy Results Wizard on the existing XP clients. Mostly that was due to Windows Firewall on the client. But in this case the firewall is off but it still won't run and gives the error:
Failed to connect to DOMAIN\computer due to the error listed below. Ensure that the Windows Management Instrumentation (WMI) service is enabled on the target computer, and consult the event log of the target computer for further details. Details: The RPC server is unavailable.
Click to expand...

The WMI service is started. So is the Remote Procedure Call (RPC) service. Nothing shows up at all in any event log on the client computer.

So there's a couple of issues - it appears the GPO is not applying (why not?) and the GPRW won't let me check what GPOs are being applied and any errors.

Any ideas?
 
Sort by date Sort by votes
when you run rsop.msc did it show that the policy is applied.
check your AD that the permissions for domain users are correct

MCITP:EA/SA, MCSE, MCSA, MCDBA, MCTS, MCP+I, MCP
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Andrzejek
  • Locked
  • Question
How to Disable Google Chrome Password Manager 2
Replies
3
Views
667
combo
combo
Flinx
  • Locked
  • Question
continuing issues with Windows 10 slow transfer to NAS
Replies
6
Views
674
pmonett
pmonett
pjw001
  • Locked
  • Question
Windows 10 Password Problem
Replies
4
Views
135
LukeyLuke
LukeyLuke
Tom11
  • Locked
  • Question
Windows 8.1 Login Issue
Replies
10
Views
334
Edward Cramer
Edward Cramer
keithinoz
  • Locked
  • Question
Pair issue pc to phone
Replies
4
Views
153
keithinoz
keithinoz

Part and Inventory Search

Sponsor

Back
Top