Announcement

Collapse
No announcement yet.

ADUC Password Requirements

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • ADUC Password Requirements

    Hi,
    We recently set pretty strict password requirements on our Domain.
    I would like to have ADUC be immune to these requirements. This way administrators only can bypass these standards.
    I have seen it work this way in the past I just dont know what I am missing.

    Any help would be appreciated.

    Thanks
    Sara


  • #2
    Re: ADUC Password Requirements

    Originally posted by dageret View Post
    Hi,
    We recently set pretty strict password requirements on our Domain.
    I would like to have ADUC be immune to these requirements. This way administrators only can bypass these standards.
    I have seen it work this way in the past I just dont know what I am missing.

    Any help would be appreciated.

    Thanks
    Sara

    First, on a personal note, adminstrators are probably the most important users to enforce the policy on. However, there may be other special accounts that you need immune from the policy that have static passwords that are already very long etc.

    In ADUC, go the the Properties of the user account.

    Click on the 'Accounts Tab'.

    Select the 'Password Never Expires' checkbox.

    Also, you can deny the users apply and read of the policy but you would then need to set another GPO to apply other settings to them, so not advisable.

    Comment


    • #3
      Re: ADUC Password Requirements

      Or, if you're running 2008 create a PSO and apply it the group of users

      Comment


      • #4
        Re: ADUC Password Requirements

        Ok so the reason I need it is because I have a couple accounts that the passwords were changed in error. But these needed to stay as is. The password is hardcoded in the program we use it for and many other places.
        I need to set the password back (it is secure enough for what it is)
        But it wont let me use that password. is there a way to force it to let me?
        Thanks
        Sara

        Comment


        • #5
          Re: ADUC Password Requirements

          Well change the policy settings again but instead of enabled change it to disabled.
          Wait until the GPO is applied and/or run a gpupdate.

          If successful, change the passwords and then change the policies again
          Marcel
          Technical Consultant
          Netherlands
          http://www.phetios.com
          http://blog.nessus.nl

          MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
          "No matter how secure, there is always the human factor."

          "Enjoy life today, tomorrow may never come."
          "If you're going through hell, keep going. ~Winston Churchill"

          Comment


          • #6
            Re: ADUC Password Requirements

            Originally posted by dageret View Post
            Ok so the reason I need it is because I have a couple accounts that the passwords were changed in error. But these needed to stay as is. The password is hardcoded in the program we use it for and many other places.
            I need to set the password back (it is secure enough for what it is)
            But it wont let me use that password. is there a way to force it to let me?
            Thanks
            Sara
            Reset the password in AD by right clicking it. That will allow you to set it to the same password.

            Comment


            • #7
              Re: ADUC Password Requirements

              Ya thats what you would think. but i get that error that it doesnt meet the minumum requirement.
              I know its possible the company I used to work at had it setup that way. I mean even in ADUC it enforced 5 characters but not all the rest of the requirements.

              I would rather that be the default than to have to change the whole policy everytime something like this happens.

              Any help would be awesome. Thanks
              Sara

              Comment


              • #8
                Re: ADUC Password Requirements

                Password Complexity had been disabled and the GPO had control of what the password requirements were.

                If you have Server 2008 you can change the complexity and apply different requirements to different users.
                If you have Server 2003 then you will need disable Complex Passwords and manually setup password requirements.
                1 1 was a racehorse.
                2 2 was 1 2.
                1 1 1 1 race 1 day,
                2 2 1 1 2

                Comment


                • #9
                  Re: ADUC Password Requirements

                  Originally posted by biggles77 View Post
                  Password Complexity had been disabled and the GPO had control of what the password requirements were.

                  If you have Server 2008 you can change the complexity and apply different requirements to different users.
                  If you have Server 2003 then you will need disable Complex Passwords and manually setup password requirements.

                  Thank you this is exactly what I needed to know.


                  Comment


                  • #10
                    Re: ADUC Password Requirements

                    Originally posted by biggles77 View Post
                    Password Complexity had been disabled and the GPO had control of what the password requirements were.

                    If you have Server 2008 you can change the complexity and apply different requirements to different users.
                    If you have Server 2003 then you will need disable Complex Passwords and manually setup password requirements.
                    One last thing. When you say manually setup password requirements. What do you mean via what?

                    Thanks

                    Sara

                    Comment


                    • #11
                      Re: ADUC Password Requirements

                      The same as what I'd said...
                      Marcel
                      Technical Consultant
                      Netherlands
                      http://www.phetios.com
                      http://blog.nessus.nl

                      MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
                      "No matter how secure, there is always the human factor."

                      "Enjoy life today, tomorrow may never come."
                      "If you're going through hell, keep going. ~Winston Churchill"

                      Comment


                      • #12
                        Re: ADUC Password Requirements

                        Originally posted by Dumber View Post
                        The same as what I'd said...
                        Same as what he said but WITH pictures. The one that you need to change is highlighted. Then you have to enable the setting (double click on the setting and you should be able to understand what is required). Post back if you have further questions.

                        Click image for larger version

Name:	password-policy.jpg
Views:	1
Size:	78.6 KB
ID:	463991
                        1 1 was a racehorse.
                        2 2 was 1 2.
                        1 1 1 1 race 1 day,
                        2 2 1 1 2

                        Comment


                        • #13
                          Re: ADUC Password Requirements

                          Thank you. Ok so disabling the GP I know how to do. Thing is you will need disable Complex Passwords and manually setup password requirements.
                          What is meant by "manually setting up password requirements"?

                          See I dont want to disable GP reset the password and enable GP everytime I have this need. I would like to beable to have a password policy in affect and beable to use any password as admin mode in AD.

                          Thanks for your help on this.
                          S

                          Comment

                          Working...
                          X