Getting Started

Specops Password Policy

Quick Start Guide

  • Getting started

Administrators Guide

SDK

Upgrade Guides

Links

References

edit SideBar

Getting Started

Getting started

Page Contents (hide)

This section will walk through what’s needed to get started with Specops Password Policy 2 (SPP 2.0).

If this is the first time you are using SPP 2.0 it is recommended to complete all the steps below to gain a general understanding about how the system works.

Setup

The first thing to do is to install the product.

Your first password policy

When all the setup steps described above are completed, it’s time to create your first password policy. To configure a password policy, start GPMC and edit the Group Policy object where you wish configure it. Note! The password policy will affect all users that the selected GPO applies to. The standard rules for GPO application apply. These are the exact steps to configure the password policy.

  • Start the Group Policy Management Console from Administrative Tools on the start menu.

Gpmc.jpg: 1057x565, 502k (February 15, 2007, at 11:01 AM)

  • Locate the Group Policy Object that you would like to configure the password policy in.
  • Right-click the Group Policy Object and click Edit.


GpmcSnapInNew.jpg: 952x570, 302k (February 15, 2007, at 11:01 AM)

  • From within the Group Policy Object Editor open User Configuration/Windows Settings/Specops Password Policy.
  • Click the Create New Password Policy or Create New Password Policy from Template button.


GpmcSnapInEditPasswordPolicy.jpg: 762x717, 454k (February 15, 2007, at 11:02 AM)

  • Configure some password policy settings in the window that opens and click OK to save it.



Making sure the Group Policy Object is linked

For a GPO to actually affect any users or computers, it must be linked somewhere in the Active Directory. If the GPO is not linked already, find the appropriate location in Active Directory to link the Group Policy to. This can be on the domain level or on an organizational unit (OU). You can also apply security filters to a GPO. For detailed information about how to use GPOs read this document from Microsoft.

Note! When using security filtering to apply a GPO, the Authenticated Users built-in group must be given Read permission to the GPO. Otherwise the password expiration warning will not be shown on the clients.’‘

Verifying that the policy is applied

Now, let’s verify that the password policy is applied correctly. Start the Active Directory Users and Computers console and browse to a user that should be affected by the GPO you just edited. Right-click the user and select Specops Password Policy. This will display a window with summary information about the password policy that affects the user.

Changing the password

Now the first password policy has been created, let’s see it in action. Logon to a computer where the Specops Password Policy client has been installed and the computer restarted. Logon as a user that is affected by the GPO you selected. Try to change the password and verify that the requirements you selected are enforced, and that you get a correct message.

Recent Changes (All) | Edit SideBar Page last modified on January 11, 2008, at 11:42 AM Edit Page | Page History
Powered by PmWiki