locked
How to apply fine grained password policy to an OU RRS feed

  • Pytanie

  • I have an OU called TestOU-1. Now I want to apply fine-grained password policies to all the users in TestOU-1. I know fine grained policies can be applied to global security groups and users only. But I heard of shadow groups through which fine-grained policies can be applied to an OU. 

    How do I create a shadow group for TestOU-1. I know how to create a fine-grained policy. After creating it, what should be the value of msDS_PasswordAppliesto. Is it the DN of the TestOU-1 or the shadow group that I created. Also, do I have to create a global security group before creating a shadow group for the OU? 


    Thanks and Regards, Radhakrishnan

    poniedziałek, 18 czerwca 2012 10:42

Odpowiedzi

  • In global security group we can have member from any OU who need to be covered under FGPP where as shadow group is a group used to have all the users from particularity department like finance or sales guy in one group & it is automated to either add or delete the group membership automatically using scripts(powershell or vb-script) or schedule task.


    Awinish Vishwakarma - MVP - Directory Services

    My Blog: awinish.wordpress.com

    Disclaimer This posting is provided AS-IS with no warranties/guarantees and confers no rights.

    • Oznaczony jako odpowiedź przez radhakrishnan88 poniedziałek, 18 czerwca 2012 12:07
    poniedziałek, 18 czerwca 2012 11:42

Wszystkie odpowiedzi