Q. Does Active Directory Lightweight Directory Services (AD LDS) implement password policies that are configured at the domain level?
John Savill
April 30, 2010
1 Min Read
A. You can assign password policies at the domain level with specific password complexity requirements, password history, and other account-type configurations. AD LDS will implement the password policy for the machine it's running on. This means that the password policy applied for the domain that the AD LDS server resides on will apply to the AD LDS accounts.
You can apply password policies at the OU level that are ignored for domain accounts, but these OU-level password policies are applied for local accounts, which AD LDS counts as. So if you set OU-level password policies, they'll be applied for AD LDS accounts.
Note that AD LDS doesn't implement Fine Grained Password Policies.
About the Author
Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.
You May Also Like