
close
close
Fine-grained password policy was introduced in Windows Server 2008 to overcome restrictions that had previously existed, where it was possible to set only one password policy for an entire domain. Fine-grained password policies allow sysadmins to apply different password policies to groups of users in an Active Directory domain.
Make sure that your domain is set at the Windows Server 2008 domain functional level or higher. For more information, see “Raising Windows Server 2008 Active Directory Domain and Forest Functional Levels” on the Petri IT Knowledgebase.
advertisment
If you would prefer to use the GUI for configuring fine-grained password policy, see my previous post on “How to Configure Fine-Grained Password Policy in Windows Server 2012 using ADAC.” If you want to continue reading, don’t worry, setting fine-grained password policy using PowerShell is quite easy.
Using this method, the new policy will be configured with all the default values for a new policy. To configure specific values, you need to add parameters to the cmdlet as shown below:
New-ADFineGrainedPasswordPolicy -Name administrators1 -DisplayName administrators1 -Precedence 100 -ComplexityEnabled $true -ReversibleEncryptionEnabled $false -PasswordHistoryCount 10 -MinPasswordLength 8 -MinPasswordAge 3.00:00:00 -MaxPasswordAge 30.00:00:00 -LockoutThreshold 3 -LockoutObservationWindow 0.00:25:00 -LockoutDuration 0.00:30:00
Now we need to apply the policy to a user(s) or group(s).
advertisment
In the resulting output, check the AppliesTo information to check the policy is applied to the intended user or group.
More from Russell Smith
advertisment
Petri Newsletters
Whether it’s Security or Cloud Computing, we have the know-how for you. Sign up for our newsletters here.
advertisment
More in Windows Server 2012
Most popular on petri
Log in to save content to your profile.
Article saved!
Access saved content from your profile page. View Saved
Join The Conversation
Create a free account today to participate in forum conversations, comment on posts and more.
Copyright ©2019 BWW Media Group