Define this policy in the database
phoeneous
Member Posts: 2,333 ■■■■■■■□□□
I'm playing around and I need clarification on checking the box that says "Define this policy in the database".
Scenario:
No templates have been applied to the DC at this point and all security policies are at default.
1. Open Security Templates mmc and make a copy of securedc.inf and call it secure291lab.inf.
2. Modify secure291lab.inf by changing the minimum password length to 12.
3. Open the Security Configuration and Analysis mmc and create a new database called secure291lab.sdb.
4. Import secure291lab.inf template and perform an analysis of DC.
5. Verify that minimum password length is mismatched, database setting says 12 characters and computer setting says 7 characters.
6. Double-click on minimum password length policy, check the "Define this policy in the database" and change the value from 12 to 9. Click apply.
7. Choose "Configure computer now" to apply the new minimum password length policy.
Now, without closing the mmc, if I analyze again and use secure291lab.inf the database setting says 9 and the computer setting says 7.
If I go back to the Security Templates mmc and look at securelab.inf, what should the value be for minimum password length? 12 or 9?
Should I assume that checking the "Define this policy in the database" box and modifying a value doesnt actually change the value in my template?
Scenario:
No templates have been applied to the DC at this point and all security policies are at default.
1. Open Security Templates mmc and make a copy of securedc.inf and call it secure291lab.inf.
2. Modify secure291lab.inf by changing the minimum password length to 12.
3. Open the Security Configuration and Analysis mmc and create a new database called secure291lab.sdb.
4. Import secure291lab.inf template and perform an analysis of DC.
5. Verify that minimum password length is mismatched, database setting says 12 characters and computer setting says 7 characters.
6. Double-click on minimum password length policy, check the "Define this policy in the database" and change the value from 12 to 9. Click apply.
7. Choose "Configure computer now" to apply the new minimum password length policy.
Now, without closing the mmc, if I analyze again and use secure291lab.inf the database setting says 9 and the computer setting says 7.
If I go back to the Security Templates mmc and look at securelab.inf, what should the value be for minimum password length? 12 or 9?
Should I assume that checking the "Define this policy in the database" box and modifying a value doesnt actually change the value in my template?
Comments
-
Devilsbane Member Posts: 4,214 ■■■■■■■■□□The template won't get modified until you save the database, and then export it. And even then, only if you save it to the same name.Decide what to be and go be it.