[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

enforce maximum password lenght in Active directory (Windows 2003 Server)

Posted on 2010-09-13
8
Medium Priority
?
1,319 Views
Last Modified: 2012-05-10
Hello,

I can set the minimum password lenght, which is great.  But how can I force the password lenght to be no more than say 10 characters?  Is there s hidden setting or a script that will do this?

I would like the users to be able to enter passwords with a minimumn lenght of 6 and maximum lenght of 10 characters.

Thank you
0
Comment
Question by:hockeyhalloffame
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
8 Comments
 
LVL 9

Expert Comment

by:vanbarsoun
ID: 33663812
I'm pretty sure AD does not have anything built-in that will max it out,  but I'm curious as to why you would want to in the first place?
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 33663822
No hidden setting or native way in group policy to set a "maximum password length" attribute (only minimum like you have noted)
Why do you want to limit them?
Thanks
Mike
0
 
LVL 4

Expert Comment

by:andy_maskell
ID: 33663897
Unfortunately I don't think there is a way to set a maximum password length, only a minimum. The default maximum size is 28 character I believe and you are stuck with it.
0
Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 

Author Comment

by:hockeyhalloffame
ID: 33663898
My environment has a couple Iseries in the mix.  I want the user/password to be the same for the user's windows and Iseries sessions.  Its password is maxed out at 10 chars.
0
 
LVL 4

Expert Comment

by:andy_maskell
ID: 33664254
Well as there is no way to do it with AD, I can only suggest you provide them with passwords rather than letting the users chose there own and locking out their ability to change it. Although depending on the size of the network this may be impracticle.
0
 
LVL 85

Accepted Solution

by:
oBdA earned 2000 total points
ID: 33664868
You can only do that with a 3rd-party tool (for example from http://www.anixis.com/, http://www.specopssoft.com/); the standard password filter doesn't allow for this.
And in case that helps any, here's a dll that would allow you to run a script when a user changes his AD password (functionality is included in Anixis' PPE, don't know about the Specops Password Policy):
Password Filter DLL
http://sourceforge.net/projects/passwdhk/
0
 

Author Comment

by:hockeyhalloffame
ID: 33665247
Great - Thank you.  PPE looks like something that could work for us.  I will evaluate it and come back and post my findings probably within the next week.
0
 

Author Comment

by:hockeyhalloffame
ID: 33850224
The 3rd party tool from Anixis does the trick for us.    Thank you for the tip.
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In the absence of a fully-fledged GPO Management product like AGPM, the script in this article will provide you with a simple way to watch the domain (or a select OU) for GPOs changes and automatically take backups when policies are added, removed o…
Active Directory can easily get cluttered with unused service, user and computer accounts. In this article, I will show you the way I like to implement ADCleanup..
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…
Suggested Courses

656 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question