domain security policy

[Bannon]

Hey all,

I want my domain users restricted from using anything in thier full name or username as thier passwords, but I do not want them to have to use special characters and cases. Is there a way to do this without writing my own dll and replacing the entries in the registry?

My users arent very bright and have bad memories, but the continue to ignore my rules. (bet you haven't heard that one before)

thanks

 

[semiles]

This is a problem that I've been dealing with. As far as I know in the case of the password complexity, unless you create something of your own, you are stuck with the policies that 2000 offers. I have researched to exhaustion a way of bypassing this with no success. If you do find a way please let me know.

 

[ChrisRAnthony]

In Windows NT there was a registry and DLL change which enabled "strong password". The "Q" article is Q161990 and can be found on Http:\\support.microsoft.com. This ensured that a users password consisted of numbers, upper letters, lower case letters and symbols. The password had to consI am not sure if this will work with W2K, but I will investigate further and post another reply.

Chris Anthony

 

[GiaBetiu]

Strong password functionality is included in Windows 2000. Should be just actiated via GPOs (Group Policies Objects).
Go to:
...\Security Settings\Account Policies\Password Policy and set "Passwords must meet complexity requirements" to enable.

This settings is similar with the previous passfit.dll from Windows NT 4. Gia Betiu
m.betiu@chello.nl
Computer Eng. CNE 4, CNE 5