Q. Does Active Directory Lightweight Directory Services (AD LDS) implement password policies that are configured at the domain level?

John Savill

April 30, 2010

1 Min Read
ITPro Today logo in a gray background | ITPro Today

A. You can assign password policies at the domain level with specific password complexity requirements, password history, and other account-type configurations. AD LDS will implement the password policy for the machine it's running on. This means that the password policy applied for the domain that the AD LDS server resides on will apply to the AD LDS accounts.

You can apply password policies at the OU level that are ignored for domain accounts, but these OU-level password policies are applied for local accounts, which AD LDS counts as. So if you set OU-level password policies, they'll be applied for AD LDS accounts.

Note that AD LDS doesn't implement Fine Grained Password Policies.

About the Author

Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.

You May Also Like