Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

how do you stop a domain policy being applied locally?

Status
Not open for further replies.
Dagk

Dagk

Technical User
May 9, 2001
100
GB
Hi,

On a laptop there is a local generic account that uses a 4 char password. Domain password policy is set to 6 char. When a user logs on to the domain the domain group policy is applied to the local laptop and the generic local account with the 4 char password stops working because the password is too short. Is there a way of preventing the domain group policy being applied when someone logs in locally to the laptop.....or do I need to make the local account 6 char as well!
 
Sort by date Sort by votes
use local policy on the PC to set password length to 4 chars...

if this doesnt work, put PC in a OU and set a gpo on this OU to apply this password setting.
this will have an effect on the local accounts only!

Aftertaf
________
Regain control of your PC, at
 
Upvote 0 Downvote
Hi,

I tried to set the local policy on the laptop but all the options were greyed out. In the end I had to change the domain group policy to 4 log back in to the domain on the laptop reset the local account password to 4 char and then log out of the domain. I then changed the domain policy back top 6 char. This will mean however that the next time someone logs in to the domain with the laptop the min password policy will kick in again and make the local account unusable. I didn't really want to set a new group policy for laptops only but if this is the only way I could just add every laptop to the new group policy that is set to 4 char......
 
Upvote 0 Downvote
try the OU/GPO option for the laptops and their local security settings..

Aftertaf
________
Regain control of your PC, at If you break your hard drive, it'll be DPlank's fault
 
Upvote 0 Downvote
The password settings in GPO are only valid at the domain root. You cannot set a different password policy for different OU's.
 
Upvote 0 Downvote
actually, you can!
but it'll not apply to domain accounts, only to local pc accounts in the SAM.
(afaik)

Aftertaf
________
Regain control of your PC, at If you break your hard drive, it'll be DPlank's fault
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

goombawaho
  • Locked
  • Question
Domain join from wifi connected laptop
Replies
4
Views
368
goombawaho
goombawaho
MattM1975
  • Locked
  • Question
Domain Admin Logon 1
Replies
2
Views
135
ADB100
ADB100
fredmartinmaine
  • Locked
  • Question
Domain Controller without DNS Server
Replies
4
Views
333
fredmartinmaine
fredmartinmaine
on3mansh0w
  • Locked
  • Question
[HELP] AD GPO not applied unexpectedly
Replies
0
Views
110
on3mansh0w
on3mansh0w
DrB0b
  • Locked
  • Question
Windows 2016 IIS FTP server with a ton of user accounts
Replies
4
Views
270
DrB0b
DrB0b

Part and Inventory Search

Sponsor

Back
Top