troubleshooting Question
Sanity Check: How To Tell What Password Policy is being Used by Active Directory
Tessando
asked on
asked on
I would like to know what the current Password Policy for Active Directory is because I have inherited some information that is conflicting.
When I run this Powershell command on a Server connected to the Network:
The previous Devs left a Scheduled Task that reminds users to change their password every 76, 83 and 89 days. This uses a. DSGet Powershell command and implies that passwords last longer than 42 days!
Could there be fine-grained passwords in a level above this? Or does the Powershell command "Get-ADDefaultDomainPasswordPolicy" show what is being applied?
Thanks for the Friday Afternoon sanity check.
When I run this Powershell command on a Server connected to the Network:
Get-ADDefaultDomainPasswordPolicyI get the following Results:
ComplexityEnabled : True
DistinguishedName : DC=company,DC=com
LockoutDuration : 00:30:00
LockoutObservationWindow : 00:30:00
LockoutThreshold : 0
MaxPasswordAge : 42.00:00:00
MinPasswordAge : 1.00:00:00
MinPasswordLength : 7
objectClass : {domainDNS}
objectGuid : d90d-45e9-8f3e
PasswordHistoryCount : 24
ReversibleEncryptionEnabled : FalseBased on this, does it appear that the number of days before a user is required to change their password is 42?The previous Devs left a Scheduled Task that reminds users to change their password every 76, 83 and 89 days. This uses a. DSGet Powershell command and implies that passwords last longer than 42 days!
Could there be fine-grained passwords in a level above this? Or does the Powershell command "Get-ADDefaultDomainPasswordPolicy" show what is being applied?
Thanks for the Friday Afternoon sanity check.
Learn from the best
Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.
Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 1 Answer and 3 Comments.
Try for 7 days”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.
Our community of experts have been thoroughly vetted for their expertise and industry experience.