Stay organized with collections
Save and categorize content based on your preferences.
This page explains the fine-grained password policies (FGPP) concepts and
related best practices for Managed Service for Microsoft Active Directory.
Overview
You can use
FGPP
to define and enforce strong password settings on a specific Active Directory
user or group. Note that password policies are different from the default domain
password policy which is configured by a group policy and linked to the root of
the domain.
FGPP is set in Password Settings Objects (PSO). Each PSO has a precedence
value that indicates its priority. The lower this value, the higher the priority
of that PSO. Managed Microsoft AD creates ten PSOs with default settings. You
cannot change the names or precedences of these PSOs, but you can change the
settings. For more information about the pre-created PSOs, see Password
Settings Objects.
Policy settings
Each PSO can contain the following policy settings:
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-02-14 UTC."],[],[]]
