Implementing Password Controls and Account Policies Using Windows 2000 Group Policy

Microsoft's Windows 2000 brought many changes to the way security is implemented in the Windows environment. Windows 2000 uses Active Directory to store and manage security information, and the security rules on a domain are enforced using Group Policy and Group Policy Objects. This paper will provide the reader with a high-level understanding of Group Policy, discuss some issues to consider when implementing Group Policy, and describe how strong password controls and secure account policies, as documented in the SANS Windows NT Security Step by Step, can be implemented in Windows 2000.