Password policy enforcement - Server or Domain?

  • I'm curious as to how 2005 (and maybe 2008) enforces password policy? For example, if I enter a domain account as a login, it will rely on the domain settings.

    But if I create a SQL login and check the enforce password policy box, and maybe expiration as well, does it rely on the local Windows Server policy or still pick up from the domain? From what I read here, it seems to default to the Server and not the domain, but was curious if this is not always the case.

    Thanks.

    Gaby
    ________________________________________________________________
    "In theory, theory and practice are the same. In practice, they are not."
    - Albert Einstein

  • Technically it gets it from the server. However, the catch is the server gets its policy from the default domain policy. So effectively it's the domain, unless the server isn't processing GPOs properly.

    K. Brian Kelley
    @kbriankelley

  • Thanks. So hopefully the Windows admins have set up the server properly. 🙂

    Gaby

  • If it's on the domain, generally speaking there are no issues. From my experience administering a domain with several thousand systems, we would only occasionally see GPO issues. And most of the time (95%) they were on workstations where there were other issues going on. The rest of the time was usually a time synch issue (meaning the server wasn't authenticating properly against the domain so it couldn't pull the GPO). So yes, unless they've done something really crazy, you've got nothing to worry about.

    K. Brian Kelley
    @kbriankelley
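
As an added example (not posted by anyone in the thread), the query below lists which SQL logins on an instance actually have the "enforce password policy" and "enforce password expiration" options from the question turned on, so a DBA can see which accounts the server's Windows policy applies to. The column aliases and the wording in the `finding` column are illustrative choices.

```sql
-- Added example: audit SQL logins against the CHECK_POLICY / CHECK_EXPIRATION
-- options discussed in the thread. Run with a login that can view all
-- server principals (for example, a sysadmin).
SELECT
    sl.name                                        AS login_name,
    sl.is_disabled,
    sl.is_policy_checked,       -- 1 = "Enforce password policy" (CHECK_POLICY = ON)
    sl.is_expiration_checked,   -- 1 = "Enforce password expiration" (CHECK_EXPIRATION = ON)
    LOGINPROPERTY(sl.name, 'PasswordLastSetTime')  AS password_last_set,
    LOGINPROPERTY(sl.name, 'IsExpired')            AS is_expired,
    LOGINPROPERTY(sl.name, 'IsLocked')             AS is_locked,
    LOGINPROPERTY(sl.name, 'BadPasswordCount')     AS bad_password_count,
    CASE
        WHEN sl.is_policy_checked = 0
            THEN 'Windows password policy not applied to this login'
        WHEN sl.is_expiration_checked = 0
            THEN 'Complexity and lockout applied, expiration not applied'
        ELSE 'Policy and expiration applied'
    END                                            AS finding
FROM sys.sql_logins AS sl
WHERE sl.name NOT LIKE '##%'    -- skip internal certificate-mapped logins
ORDER BY sl.is_policy_checked, sl.is_expiration_checked, sl.name;
```

The query only shows whether SQL Server applies the policy to each login; the policy values themselves come from the Windows server hosting the instance, as the first reply describes.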
