Configure and Manage AD DS Passwords
You are the IT administrator for a small corporate network. You must configure a password policy for the domain on the CorpDC server.
In this lab, your task is to edit the Default Domain Policy and configure the account policy settings as follows:
- Configure the password polices.
- New passwords must be different from the previous 10 passwords.
- Users must change passwords every 90 days.
- Users cannot change a new password for at least 14 days.
- Passwords must be at least 10 characters long.
- Passwords must contain uppercase letter, lowercase letter, number, and symbol characters.
- Configure the account lockout policies.
- If 5 incorrect passwords are entered, lock the account.
- After a failed logon attempt, lock the account for 10 minutes.
- Keep accounts locked for 60 minutes and then unlock the account automatically.
- Access the CorpDC virtual server.
- In Hyper-V Manager, select CORPSERVER.
- Under Virtual Machines, double-click CorpDC to connect to the virtual server.
- Modify the password policies.
- From Server Manager, select Tools > Group Policy Management.
- Maximize the window for better viewing.
- From the left pane, expand Forest: CorpNet.local > Domains > CorpNet.local.
- Right-click Default Domain Policy and select Edit.
- Maximize the window for better viewing.
- Under Computer Configuration, expand Policies > Windows Settings > Security Settings > Account Policies.
- Select Password Policy.
- From the right pane, double-click the policy you want to edit.
- Make sure Define this policy setting is selected.
- Edit the value for the policy, and then select OK.
- Repeat steps 2h–2j for each policy.
- Modify account lockout policies.
- From the left pane, select Account Lockout Policy.
- From the right pane, double-click the policy you want to edit.
- Make sure Define this policy setting is selected.
- Edit the value for the policy and then select OK.
- Repeat steps 3b–4d for additional policies.
Comments
Post a Comment