I have 50 users in my domain. But i have to set password expiry days for 90 for only 10 users. How can i do it. How can this be done without affecting any other users Password Policy.
Asked
Active
Viewed 1,531 times
1 Answers
2
Fine-Grained Password Policies feature allows to apply different restrictions for password and account lockout policies to different sets of users in a domain. What is important about Fine-grained password policies is that they are applied only to user objects and global security groups, but NOT to OUs.
You can create a separate security group, add required users and then apply PSO(password setting object) to this group.
AD DS Fine-Grained Password and Account Lockout Policy Step-by-Step Guide
Volodymyr Molodets
- 2,404
- 9
- 35
- 52