Create PSO

Create PSO

Create PSO

An AD domain contains a password policy that is applied to all users. However, in some cases, it is necessary to apply a different policy to one or more users.

Since Windows Server 2008 Microsoft has made available the refined password functionality. Windows Server 2012 improves functionality by providing a graphical interface. This makes it easier to configure these AD objects (PSO – Password Security Object). In Windows Sever 2012 or Windows Server 2012 R2, access the Active Directory Administration Center console.

Create PSO open console

Accédez à la racine du domaine puis sélectionnez le conteneur system.

Create PSO access object

Go to the Password Security Container folders and in the action banner, click on New and Password Setting.

Create PSO access object

A window appears, which allows you to configure the various parameters.

Create PSO configureé

Enter the name of the desired PSO and the precedence (priority). A precedence of 1 makes the PSO a priority over another having a higher precedence. Configure the password and lock settings as desired.

PSO parameter

Select user

To know the resulting password strategy, select the user and then in the action banner click on view resultant password settings.

View resultant

Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.