How To Check If A PSO Has Been Applied To A User Or Group

In Windows Server 2008 you can implement multiple password policies for users or groups. The effective password policies for a user or group are stored in AD Attributes. You need to use Attribute Editor to check the password policy status. There is an attribute that you need to check. 


  • Right Click on User or Group > Property.
  • Click on Attribute Editor Tab.
  • Find the msDS-ResultantPSO attribute.
  • If a password policy or PSO applies to a user or group, it will be displayed in the attribute's property with the CN of the PSO.


About The Author

Leave a Comment

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Scroll to Top