?
Solved

Group policy so that passwords may not contain any simple pattern of letters or numbers such as "qwertyxx" or "xyz123xx"

Posted on 2016-11-09
4
Medium Priority
?
116 Views
Last Modified: 2016-11-12
Please provide me with the steps on how to create a group policy so that account passwords may not contain any simple pattern of letters or numbers such as "qwertyxx" or "xyz123xx."
0
Comment
Question by:Knowledgeable
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 13

Assisted Solution

by:Dustin Saunders
Dustin Saunders earned 1000 total points
ID: 41881393
In 2012 you can use Fine Grained Passwords to do this.

Open ADAC from your DC and create a new password policy, then the group it applies to (e.g. Domain Users).

Here's a step by step:
https://blogs.technet.microsoft.com/canitpro/2013/05/29/step-by-step-enabling-and-using-fine-grained-password-policies-in-ad/
0
 
LVL 19

Accepted Solution

by:
Mal Osborne earned 1000 total points
ID: 41881502
Not going to be possible with Windows server "out of the box", however third party products exist that can do this. Here are a couple:

http://anixis.com/products/ppe/
http://nfrontsecurity.com/products/nfront-password-filter/
2
 
LVL 56

Expert Comment

by:McKnife
ID: 41881974
+1 for Anixis PPE.
It is also correct, what Malmensa says: not possible with built-in GPOs or fine grained password policies.
0
 
LVL 13

Expert Comment

by:Dustin Saunders
ID: 41882263
The other experts are correct about FGP, I misread and thought you only wanted to prevent passwords that consist of lowercase strings exclusively.
0

Featured Post

Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

After seeing many questions for JRNL_WRAP_ERROR for replication failure, I thought it would be useful to write this article.
In this blog, we’ll look at how improvements to Percona XtraDB Cluster improved IST performance.
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question