You need to ensure that the minimum password length of …

Your network contains an Active Directory domain named contoso.com. All servers run Windows Server 2012. An organizational unit (OU) named ResearchServers
contains the computer accounts of all research servers. All domain users are configured to have a minimum password length of eight characters. You need to
ensure that the minimum password length of the local user accounts on the research servers in the ResearchServers OU is 10 characters. What should you do?
1. Create a universal group that contains the research servers. Create a Password Settings object (PSO) and assign the PSO to the group.
2. Configure a local Group Policy object (GPO) on each research server.
3. Create and link a Group Policy object (GPO) to the ResearchServers OU.
4. Create a global group that contains the research servers. Create a Password Settings object (PSO) and assign the PSO to the group.

Your network contains an Active Directory domain named contoso.com. All servers run Windows Server 2012. An organizational unit (OU) named ResearchServers
contains the computer accounts of all research servers. All domain users are configured to have a minimum password length of eight characters. You need to
ensure that the minimum password length of the local user accounts on the research servers in the ResearchServers OU is 10 characters. What should you do?
1. Create a universal group that contains the research servers. Create a Password Settings object (PSO) and assign the PSO to the group.
2. Configure a local Group Policy object (GPO) on each research server.
3. Create and link a Group Policy object (GPO) to the ResearchServers OU.
4. Create a global group that contains the research servers. Create a Password Settings object (PSO) and assign the PSO to the group.

Answer: Pending

Show Hint

Leave a Reply 4

Your email address will not be published. Required fields are marked *

sultan

sultan

Correct answer is 3. Create and link a Group Policy object (GPO) to the ResearchServers OU.

https://technet.microsoft.com/pt-pt/library/cc757692

Exam Ref 70-411 by MS Press. See the below fragment from Chapter 5, Objective 5.4 Delegating password settings management:
“The local user password policy is inherited from the Default Domain Policy and can’t be overridden for domain joined computers. If you have to set a different local user password policy for a subset of computers, place those computers in a separate OU and define the password policy for that OU.”

Reply

cfourmatrix

cfourmatrix

What is up with the pending answers? Usually the is a comment that looks good to me

Reply

Gonzalo Escajadillo

Gonzalo Escajadillo

Correct answer is 1
Create a universal group that contains the research servers. Create a Password Settings object (PSO) and assign the PSO to the group.

when you want to manage password for a specific group you must handle with password grain policy, other wise settings at default domain policy will work.

https://blogs.technet.microsoft.com/canitpro/2013/05/29/step-by-step-enabling-and-using-fine-grained-password-policies-in-ad/

Reply

zkzzmyox

zkzzmyox

The answer is 3, from your source:
“Fine-grained password policies apply only to global security groups and user objects. ” not local user accounts

Reply