أنشئ حسابًا أو سجّل الدخول للانضمام إلى مجتمعك المهني.
Prior to Windows2008, it was difficult to apply password policies to specific groups or users. Only one single password policy is applied to the entire AD domain.
Windows Server2008 and later DCs let you to create multiple policies (Fine grained Password policies). It requires manually creating additional Password Setting Object (PSO) in Active Directory, using tools like ADSIEdit or LDIFE (or any3rd party tool). Before creating PSO you have to keep in mind that,
1> Domain's functional level must be2008 or later.
2> For creating PSO you to login as member of Domain Admin group.
The detailed steps for creating Fine Grained Password Policy can be found at, http://blogs.technet.com/b/seanearp/archive/2007/10/06/windows-server-2008-fine-grained-password-policy-walkthrough.aspx
Correct ;)