SOX compliant .. different password policy need for privilege accounts

Giganews Newsgroups
Subject: SOX compliant .. different password policy need for privilege accounts
Posted by:  John (Jo…@somewhere.com)
Date: Fri, 29 Sep 2006

Hello All
Due to recent SOX requirements we are require to have a different password
policy for all privilege accounts however our Win2003 forest consist of a
single domain . We would of like to implement the empty root design model in
this way all our privilege accounts would reside in the root domain and all
users accounts would reside in the child domain. However this design model
is not an option  since we have currently have a flat single forest /single
domain and restructuring our forest to include an empty domain would be
impossible, or is it possible ? .
My question is how do I  implement a different password policy for all  my
privilege accounts ?
I had one idea but no sure if this would work. ..Create a non contiguous
domain tree and this domain will contain all my privilege accounts thus
using a different password policy. But I would also need these privilege
accounts  to be domain admins of the entire forest , would this work  ?

Any idea's would certainly be appreciated
TIA..
John

Replies