We have a Novell workgroup environment where we use the Zenworks management tool in order to maintain the local workstation accounts. Currently we have no Windows password policies being enforced at the workstation level. Password criteria is dictated soley by universal password in Netware. We would like to enforce certain criteria (maximium password age, length, complexity) on the workstations themselves using local group policy. In my testing thus far, it does not appear that the local policy takes effect on workstation accounts immediately after it's pushed. Is this true? If so, when do the local workstation accounts adhere to this policy? Is it when the password is changed to something else? What we want to make sure is that the two policies, local and Netware do not conflict causing a user not being able to log in. Our thoughts were to get the users set up with the criteria that we want on the Netware side (our customer would like stronger passwords than what we are using now) then once the dust settles, apply the same policies to the workstation. We do not want to have a situation where a local account could be manually created and it not have to meet any password criteria. This is our current situation that we are trying to eliminate. The chances of such a scenario are slim because it would take an administrator to create such an account, but we do not want to leave anything vulnerable.

Thanks in advance.