> Can someone please let me know if I am missing something
> obvious or whether my logic is just messed up.......
The key point that you are missing is that password policies (length,
history, etc.) can only be applied at the domain level in Windows 2000
Active Directory.
The settings in the GPO for the High Security workstation are rightly
being ignored.
Basically you can't do what you want to do with Windows 2000 -- I'd
question why having the "high security" PC that only lets people with
long passwords on was necessary (i.e. give us your reasoning and we'll
try and come up with a different wy of solving the problem.)
--
Adam
http://www.adamwood.com
List info: http://www.activedir.org/mail_list.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
