"

Wrong notifications for Fine Grained Policy users

Last review: Jan 01, 2013
https://kb.netwrix.com/1172
Copy Article URL Copied

There are several Fine-Grained Policy users and several domain password policy users. And Fine-Grained Policy users receive notifications as if they were not Fine-Grained Policy users.


Workaround:
1. Create a separate OU for the users with the fine-grained policy (e.g. FGP_Users OU)
2. Exclude the FGP_Users OU from monitoring by adding this OU to the omitoulist.txt usually located in the Password Expiration Notifier installation folder. It is a text file that allows you to define the OUs excluded from monitoring.

Please find the file description below:


#
# This file defines a list of OUs to exclude from processing. To specify these OUs and subOUs, just type in their names each on a new line. You may also use wildcards.
#
# Example: *OU=C,OU=B,OU=A* – for ABC


So if you create FGP_Users OU and add the following line to the file, this OU will not be monitored by Netwrix Password Expiration Notifier.
#
*OU= FGP_Users OU *

3. If you are running Netwrix Auditor 8.5 and older, install the product on a different server. That you have two product installations on different servers. When creating a Managed Object, on the Select Managed Object Type screen, select Organizational Unit. Proceed with the installation in accordance with the product documentation.

This instance will monitor the domain users with “fine-grained policy” passwords.

Go Up