Your network contains an Active Directory domain named contoso.com. Domain controllers run either Windows
Server 2008, Windows Server 2008 R2, or Windows Server 2012 R2. You have a Password Settings object
(PSOs) named PSO1. You need to view the settings of PSO1. Which tool should you use?
A.
Get-ADDomainControllerPasswordReplicationPolicy
B.
Get-ADDefaultDomainPasswordPolicy
C.
Active Directory Administrator Centre
D.
Local Security Policies
Explanation:
http://technet.microsoft.com/en-us/library/ee617231.aspx
To get a list of all the properties of an ADFineGrainedPasswordPolicy object, use the following command:
Get-ADFineGrainedPasswordPolicy<fine grained password policy> -Properties * | Get-Member […]
EXAMPLE 2Command Prompt: C:\\PS>
Get-ADFineGrainedPasswordPolicyAdminsPSO Name: AdminsPSO ComplexityEnabled: True
LockoutThreshold: 0
ReversibleEncryptionEnabled : True
LockoutDuration: 00:30:00
LockoutObservationWindow: 00:30:00
MinPasswordLength: 10
Precedence: 200
ObjectGUID: ba1061f0-c947-4018-a399-6ad8897d26e3
ObjectClass: msDS-PasswordSettings
PasswordHistoryCount: 24
MinPasswordAge: 1.00:00:00
MaxPasswordAge: 15.00:00:00
AppliesTo: {}
DistinguishedName: CN=AdminsPSO,CN=Password Settings
Container,CN=System,DC=FABRIKAM,
DC=COM
Description: Get the Fine Grained Password Policy named `AdminsPSO’.
In Windows Server 2012, fine-grained password policy management is made much easier than Windows Server 2008/2008 R2. Windows Administrators not have to use ADSI Edit and configure complicated settings to create the Password Settings Object (PSO) in thePassword Settings Container. Instead we can configure fine-grained password policy directly in Active Directory Administrative Center (ADAC).