XtreemeChaos wrote: I'm sure someone will correct me if I'm wrong, but here goes: Group Policies are applied in DSOU order.. Domain, Site, OU. Since the OU is the last to be applied, I think that the Password Policies set in the OU would overwrite any from the Domain or Site, providing that you don't have any special settings such as Block Overwrite, etc.
cnfuzzd wrote: so pretty much there is no way to remove the requirement on this group of users to change their passwords without breaking them out into a new domain? John