![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(70.4, 81%, 16%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Hi FanFan,
Thank you for the info but I think you didn't understand my questions. First of all, password policy is a part of Group Policy. And Group Policy is stored at SYSVOL folder, which will be copied to the PDC emulator server before distributing to the domain computers. So if I block the domain controllers from inheritance of GP/password policy/default domain policy at the domain level, the password policy won't be copied to the PDC emulator server. (At least in my test environment, it works like this.)
Secondly, password policy at the OU level cannot be applied to domain users.
So if the domain controllers is blocked from inheritance of the password policy, is there a workaround to apply the password policy to the domain computers? If FGPP is not distributed by PDC emulator server, I think it could be a workaround.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 8%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)