Active Directory Fine Grained Password Policy (Part 2)

The Objective of this document is to show the implementation steps for Windows 2008 R2 Active Directory features like Fine Grained Password Policy. 
We have already discussed How to Create Policy in the Part 1 post, now we will discuss the post to apply the policy to user or group.

How to Apply PSO to User or Group:

In this example we are going to apply the above created “Test IT Pwd Policy” to ITING Group which contains “TestIT1” user account.




Step 1: Open Active Directory Users and Computers and navigate to “System > Password Settings Container”
Note: Advanced Mode needs to be enabled in this window.

Step 2: Double click on the PSO you created then click on the “Attribute Editor” tab and then select the “msDS-PSOAppliedTo” attribute and click “Edit”



Step 3: Click “Add Windows Accounts” button.



Step 4: Select the user or group you want to apply this PSO and click “OK”



Step 5: Click “OK”



Step 6: Click “OK”



Step 7: Click “Apply” & then “OK”


You have successfully created a password policy and it has been mapped to ITING group.

One thought on “Active Directory Fine Grained Password Policy (Part 2)

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s