With the introduction of the windows VISTA/ Windows 2008 SP2 beta , Windows 7 Microsoft also has released the next version of MSN messenger. You can grab it from here,
One cool thing I notice is you can have animated pictures or video clips you have captured from your web cam as MSN picture. This is really cool.
If you have notice some PC /Laptop hibernation option is not visible under the power management. I was curious to find out same problem occurring in my laptop as well. Further search revealed it’s a matter of enable or disable it via running few commands from the command prompt :) But again windows annoying UAC come into the picture so we need make sure we run the commands under proper privilege. The steps are as follows,
1. Click Start, All Programs, and then right click on "Command Prompt".
2. From the context menu click on "Run as administrator".
3. If User Account Control prompts you to allow the action, click on Continue.
4. In the command prompt window, type "powercfg –h off" (or "on" without the quotes) followed by Enter button.
4. Close the Command Prompt windows and go the power management settings in the control panel Now you can see hibernation option is available for you.
Windows 2008 has lot of new technologies to offer and along with SP2 it has been increased. Branch office caching, Active Directory recycle bin..etc. Among those one of the cool feature is Fine grained password policy. Using this method you can given different set of password polices to selected users or group despite of the default password policy.
This may sound good if you have wish to have different password policy to managers and different password polices to general users and avoid the hassle you face when they forget their complex password. (you know what I mean..right :) Of course you might have been using the password filter or deploy multiple domains to archive this but end of the day those are really frustrating and time consuming methods.
so now you had the taste of the feature let's get our sleeves up for the work :) To make things easier I am going to built this article based on a scenario based method.
Contoso.com is the default domain of the fictitious company and Neo parker has been the CEO. He don't like the idea of having a complex password to remember and prefers to have a simple password as his account password. So without breaking the security on the entire domain level you're going to reduce the password complexity and the minimum of 5 characters to his passwords.
Requirements: your AD domain functional level has to be raised to windows 2008.
First have a look into your existing domain-wide default password policies,
So now we need to create the Password Setting object (PSO). in order to do that we need to open the ADSI edit. I have to warn ADSI edit is not a place to mess around with unless you know exactly what you're doing!
Go to Start--> Administrative tools --> ADSI edit --> select the default settings to connect to the domain. After that in order to create the PSO browse to Expand to Default Naming content\DC=Contoso,DC=com\CN=System\CN=Password Settings Container\
Right click and select new Object,
After that you have to select msDS-PasswordSettings and click next
After that we are coming to complex part of giving the parameters, this is the place you have to pay attention and provide the correct parameters. For detail step by step you can visit here
First setting being ask is to provide a name for the policy, you can give an fancy name but stick to a one that is meaningful,
Next setting is msDS\PasswordsSettingsPrecedence. Assuming the user is a member of 2 or more groups and having different password polices the number you set here will determine which policy to take procedure. So set the value to 1 to make sure this policy will apply all the time to Neo
Next one is msDS-PasswordReversibleEncryptionEnabled which is self explanatory
Next few option are really self explanatory so I'll insert the parameter and the value until we come up with another interesting value :)
msDS-PasswordHistoryLength (Also self explanatory... you can keep up to 1024)
Value = 10
(domain default: 24)
· msDS-PasswordComplexityEnabled (Upper, lower, number, blah blah blah)
Value = True
· msDS-MinimumPasswordLength (If only everyone were using pass-phrases instead of passwords)
Value = 5
After that we are being request to provide values for MinimumPasswordAge, MaximumPasswordAge, LockoutObservationWindow, and LockoutDuration.
So let us walk through the first one of this kind, msDS-MinimumPasswordAge
In the above picture I have provided the value of 1 day. First section is days, then hours, minutes and seconds. Next is
msDS-MaximumPasswordAge
I hope rest process will be easy for you as we discuss here. so instead of the screenshots let me provide the values as follows,
msDS-LockoutThreshold
Value = 0
msDS-LockoutObservationWindow
Value =00:00:06:00
msDS-LockoutDuration
Value = 00:00:06:00
Once you complete the last step you will click the Finish button to complete the steps. If you encounter any errors please have a look into the values you have provided.
so now we have provided Neo minimum characters 5 to his password and still enabled the Password complexity parameter and provide less time value for the Lockdown duration :)
but still we are not completed because we have to tell the system this PSO need to be apply to Neo. If we double click the
msDS-PSOAppliesTo parameter we have the option to provide the particular user's or Group's DN. 
so now what how to find the DN value? well my friends we have to walk to the Active Directory Users and computers, and enabled the Advances Features,
After that we need to go to the properties of the Neo's account and select the Attribute Editor which shows the DN of Neo's user account.
Copy that value and we go back to the ADSI editor CN=System -->CN=Password Settings and under the current PSO paste the values you have copied from Neo's account,
Wola that complete the lengthy task.
For more information you can refer here,
