Reader small image

You're reading from  Mastering Active Directory, Third Edition - Third Edition

Product typeBook
Published inNov 2021
PublisherPackt
ISBN-139781801070393
Edition3rd Edition
Concepts
Right arrow
Author (1)
Dishan Francis
Dishan Francis
author image
Dishan Francis

Dishan Francis is an IT professional with over 15 years of experience. He was a six-time Microsoft MVP in enterprise mobility before he joined Microsoft UK as a security consultant. He has maintained the RebelAdmin technology blog over the years, with lots of useful articles that focus on on-premises Active Directory services and Azure Active Directory. He has also written for other Microsoft-managed blogs such as canitpro and ITopsTalk. When it comes to managing innovative identity infrastructure solutions to improve system stability, efficiency, and security, his level of knowledge and experience places him among the very best in the field.
Read more about Dishan Francis

Right arrow

Configuration

There are two ways to apply fine-grained password policies. The first option is to use Active Directory Administrative Center (ADAC), and the other options are to use PowerShell cmdlets or ADSI Edit.

In ADAC, go to System | Password Settings Container. Then, right-click and go to New | Password Settings. This will open up a window where we can define the policy settings:

Figure 16.12: Password policy settings

In the policy window, we can define the policy name, precedence, and account lockout policy settings. Directly Applies To is the place where we can define the users or security groups this new policy should target. In the preceding example, I added the First Line Engineers security group as the target.

Fine-grained password policies can also be created using PowerShell:

New-ADFineGrainedPasswordPolicy -Name "Domain Admin Password Policy" -Precedence 1 ` 
-MinPasswordLength 12 -MaxPasswordAge "30" -MinPasswordAge "...
lock icon
The rest of the page is locked
Previous PageNext Page
You have been reading a chapter from
Mastering Active Directory, Third Edition - Third Edition
Published in: Nov 2021Publisher: PacktISBN-13: 9781801070393

Author (1)

author image
Dishan Francis

Dishan Francis is an IT professional with over 15 years of experience. He was a six-time Microsoft MVP in enterprise mobility before he joined Microsoft UK as a security consultant. He has maintained the RebelAdmin technology blog over the years, with lots of useful articles that focus on on-premises Active Directory services and Azure Active Directory. He has also written for other Microsoft-managed blogs such as canitpro and ITopsTalk. When it comes to managing innovative identity infrastructure solutions to improve system stability, efficiency, and security, his level of knowledge and experience places him among the very best in the field.
Read more about Dishan Francis