locked
Enforce GPO on Local User? RRS feed

  • Question

  • Hi, We have Password policy defined in our DCs that enforce long and complex passwords (e,g, 12 characters min with combinations of lower/upper cases plus number, etc). This works well for office base staff. However we notice that our home workers are able to reset to short and simple passwords.

    We found that if home workers are logged in VPN then when they changed their passwords (expire) they need to specify a lengthy and complex one. But if they changed their passwords outside of VPN, they are able to set short & simple passwords.

    However the "password duration/expiration" has been successfully pushed regardless they are in VPN or not.

    Is there a way to enforce our GPO over any local policy (even users not in VPN)? We don't want to change LP for hundred of users as very time consuming.

    Thanks in advance for any help.

    Wednesday, July 22, 2020 8:57 AM

All replies

  • do your home workers use domain-joined computers, with local-machine-accounts?

    or are the domain-user-accounts?

    do you define password-policies scoped to the domain-member-workstation-computers?

    are these home workers connecting via RDS or VDI?


    Don [doesn't work for MSFT, and they're probably glad about that ;]

    Wednesday, July 22, 2020 11:26 AM
  • Hi,

     

    Just want to confirm the current situations.

     

    Please feel free to let us know if you need further assistance.

     

    Best Regards,

    Vicky 


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Monday, July 27, 2020 8:34 AM
  • Hi,

     

    Just checking in to see if the information provided was helpful. Please let us know if you would like further assistance.

     

    Best Regards,

    Vicky


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Wednesday, July 29, 2020 6:21 AM