Skip navigation
Menu
End-User Platforms>Active Directory

Q. Does Active Directory Lightweight Directory Services (AD LDS) implement password policies that are configured at the domain level?

A. You can assign password policies at the domain level with specific password complexity requirements, password history, and other account-type configurations. AD LDS will implement the password policy for the machine it's running on. This means that the password policy applied for the domain that the AD LDS server resides on will apply to the AD LDS accounts.

You can apply password policies at the OU level that are ignored for domain accounts, but these OU-level password policies are applied for local accounts, which AD LDS counts as. So if you set OU-level password policies, they'll be applied for AD LDS accounts.

Note that AD LDS doesn't implement Fine Grained Password Policies.

Hide comments

More information about text formats

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish
Recommended Reading
Create Active Directory MMC Consoles for Down-Level Administrators
Apr 21, 2010
Q. Can I configure Active Directory's (AD's) garbage collection to delete more than 5,000 objects at a time?
Apr 07, 2010
Load-Balance AD LDS with Microsoft NLB in 6 Steps
Jun 23, 2009
computer password entry box overlaying a keyboard
How To Use PowerShell for Active Directory Password Help
Mar 18, 2024