The current design for group-based password policy uses CoS to deliver the policy and maintains a loose linkage with the group by using the same name.
This has a few issues:
If the policy were to be a managed entry then management would be automatic.
This also means that there would be no explicit "delete group password policy" ACI necessary.
Metadata Update from @rcritten: - Issue tagged with: refactoring
Login to comment on this ticket.