enforce maximum password lenght in Active directory (Windows 2003 Server)

Hello,

I can set the minimum password lenght, which is great.  But how can I force the password lenght to be no more than say 10 characters?  Is there s hidden setting or a script that will do this?

I would like the users to be able to enter passwords with a minimumn lenght of 6 and maximum lenght of 10 characters.

Thank you
hockeyhalloffameAsked:
Who is Participating?
 
oBdAConnect With a Mentor Commented:
You can only do that with a 3rd-party tool (for example from http://www.anixis.com/, http://www.specopssoft.com/); the standard password filter doesn't allow for this.
And in case that helps any, here's a dll that would allow you to run a script when a user changes his AD password (functionality is included in Anixis' PPE, don't know about the Specops Password Policy):
Password Filter DLL
http://sourceforge.net/projects/passwdhk/
0
 
vanbarsounCommented:
I'm pretty sure AD does not have anything built-in that will max it out,  but I'm curious as to why you would want to in the first place?
0
 
Mike KlineCommented:
No hidden setting or native way in group policy to set a "maximum password length" attribute (only minimum like you have noted)
Why do you want to limit them?
Thanks
Mike
0
Easily Design & Build Your Next Website

Squarespace’s all-in-one platform gives you everything you need to express yourself creatively online, whether it is with a domain, website, or online store. Get started with your free trial today, and when ready, take 10% off your first purchase with offer code 'EXPERTS'.

 
andy_maskellCommented:
Unfortunately I don't think there is a way to set a maximum password length, only a minimum. The default maximum size is 28 character I believe and you are stuck with it.
0
 
hockeyhalloffameAuthor Commented:
My environment has a couple Iseries in the mix.  I want the user/password to be the same for the user's windows and Iseries sessions.  Its password is maxed out at 10 chars.
0
 
andy_maskellCommented:
Well as there is no way to do it with AD, I can only suggest you provide them with passwords rather than letting the users chose there own and locking out their ability to change it. Although depending on the size of the network this may be impracticle.
0
 
hockeyhalloffameAuthor Commented:
Great - Thank you.  PPE looks like something that could work for us.  I will evaluate it and come back and post my findings probably within the next week.
0
 
hockeyhalloffameAuthor Commented:
The 3rd party tool from Anixis does the trick for us.    Thank you for the tip.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.