Home > IT Answers > Microsoft Windows > Blank password on server
Help

Question

  Asked: Mar 11 2008   1:30 AM GMT
  Asked by: Kiwihk

Blank password on server


Windows Server 2003, Active Directory, Group Policy, Password

Hi

Is it possible to set up a group of users to have no passwords and all other have passwords that they have to change every 90 days, I can only do it for all users and not sure how to do exclude a group in AD, with have only 1 domain controller with XP pro clients.

Subscribe to Alerts! Get questions and answers delivered to your Inbox.


E-mail me updates on this question



   SUBSCRIBE

hidden modal window
Help

Answer Wiki (Improve, edit or add to this answer)

IMPROVE THIS ANSWER
View History
 RATE THIS ANSWER
+1
Click to Vote:
  •   1
  •  0
Last Answered: Mar 11 2008  1:33 AM GMT  by Buddyfarr




this is possible but HIGHLY insecure. You would have to setup a separate organizational unit with the ones that you want NO password for. Then create a group policy object for them to have no password length, etc. forced on them. Then link the group policy to that OU. Make sure you set the GPO, (group policy object), so that it does NOT inherit policies. BUT if the domain policy forces inheritance then it still will not work. You would have to make sure that it is not forcing inheritance.
  • AddThis Social Bookmark Button

Browse more Questions and Answers on Microsoft Windows and Security.

Looking for relevant Microsoft Windows Whitepapers? Visit the SearchEnterpriseDesktop.com Research Library.


RSS - Discussions Help

Discuss This Answer


You must be logged-in to discuss a question. Log-in/Register

Wrobinson  |   Mar 18 2008  12:56AM GMT

You can do so but by default password complexity is enabled in Windows Server 2003 Active Directory, so you will have to disable it in order to assign blank and weak passwords.

 

Mnman66  |   Mar 22 2008  12:17PM GMT

As everyone else is saying, you can do this but with HIGH security risks. There shouldn’t be any reason for a person or group of people to not use a password. There are numerous articles out on the Internet that you can reference if you need to take it to the next level of authority. Even programs and processes can be scripted to run. You also run the risk of Sar-Ox audit and getting spanked for having users with no passwords. Not a good deal all around.