Fine Grained Password Polices (FGPP) allow IT administrator to apply password and account lockout policies to different users or groups of users in you domain. The major pain about FGPP is that you cant just use Group Policy to use them instead you have to use ADSIEDIT to make the changes… Major PITA.
But lucky some of the pain about making changes to the FGPP can be reduce by using PowerShell to Automate the process to make it easier to apply multiple FGPP. So to see how to do this Manoj Ravikumar Nair has just done a video on TechNet Edge showing how to do the whole process.
In this video, I use the Active Directory Module for Windows PowerShell introduced in Server 2008 R2 to create and configure Fine-Grained Password Policy, a new feature introduced in Server 2008 that allows having multiple password and account lockout policies in a Domain. I also walk you through the process of raising the domain functional level using PowerShell.
Blog Post: TechNet Video: Configuring Fine-Grained Password Policies using PowerShell http://bit.ly/dZWCHc
TechNet Video: Configuring Fine-Grained Password Policies using PowerShell http://t.co/N9kT7H3
RT @alanburchill: Blog Post: TechNet Video: Configuring Fine-Grained Password Policies using PowerShell http://bit.ly/dZWCHc
Unfortunately until it gets to the point where they are as easy to configure as standard password policies, FGPP are going to be one of those things that gets more use in certification exam questions than production environments.
RT @alanburchill: Blog Post: TechNet Video: Configuring Fine-Grained Password Policies using PowerShell http://bit.ly/dZWCHc