Please Read: Significant Update Planned, Migrating Forum Software This Month

See more
See less

Adding and Enforcing password policy

  • Filter
  • Time
  • Show
Clear All
new posts

  • Adding and Enforcing password policy

    At the moment all users have passwords but i want to enforce complex passwords ie min 8 characters, etc..

    Once make these changes to the domain policy, will it only effect new passwords created or will it look at existing passwords and prompt the user to change.

    I suppose i could enforce a password change across the domain to enforce this chnage but as some users already have suitable passwords i was wondering if there is a way round it.



  • #2
    Re: Adding and Enforcing password policy


    It will only come into effect when the user has to change their password. All users who have passwords that dont match the 'Complex' requirement will be OK untill they are forced to next xhange their password.

    I suppose it's up to you whether you want to force all users to change their password straight away after you implement the complex password. I would also advise all users of the change and what the requirements of the new password are.

    Hope this helps

    Michael Armstrong
    MCITP: EA, MCTS, MCSE 2003, MCSA 2003: Messaging, CCA, VCP 3.5, 4, 5, VCAP5-DCD, VCAP5-DCA, ITIL, MCP, PGP Certified Technician

    ** Remember to give credit where credit is due and leave reputation points sigpic where appropriate **


    • #3
      Re: Adding and Enforcing password policy

      To select the users you need to have complax passwords, you could use a logon script only for those users. Or set the complax password option manually if there are only a few users and then set the password to be changed at next logon.
      Forensic IT Consultant


      • #4
        Re: Adding and Enforcing password policy

        If you have Win 2003 than forcing to change password is simple:

        Use this command line code

        dsmod user "cn=username, ou=orgunit, dc=domain, dc=local" -mustchpwd yes

        if users have enabled password never expires then first you must disable it via same command

        dsmod user "cn=username, ou=orgunit, dc=domain, dc=local" -pwdneverexpires no
        Arber I. Ibrahimi