Re: Identify accounts with Blank Passwords
From: Marin Marinov (mlmarinov_at_askme.ca)
Date: 04/22/04
- Next message: Marin Marinov: "Re: Disabling Services"
- Previous message: dln: "Re: Which group has the ability to create contacts in AD?"
- In reply to: Tim: "Identify accounts with Blank Passwords"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 22 Apr 2004 10:23:35 -0400
In article <91d5806d.0404220315.3e1f0081@posting.google.com>,
tim.oshea@lfs.co.uk says...
> In order to ensure that a domain is secure, I want to find out if any
> users still have blank passwords. Is ther any way of doing this?
>
> I have set a policy to dissalow blank passwords, but if a user account
> has not been logged into, it is conceivable that the password is still
> blank.
>
> Additionally, is there any way of automatically enforcing a password
> to be entered when an account is set up?
>
> Thanks
Tim, take a look at Microsoft Baseline Security Analyzer at:
http://support.microsoft.com/default.aspx?scid=kb;en-us;320454&sd=tech
As per the second part of your question - if the password you enter when
you create the account doesn't satisfy the password requirements you
should get an error. So if you specify minimum password length of at
least 1 or enable password complexity (which requires at least 6
characters) you'll solve your problem.
-- Cheers, Marin Marinov MCT,MCSE 2003,MCSE:Security 2003 - This posting is provided "AS IS" with no warranties, and confers no rights.
- Next message: Marin Marinov: "Re: Disabling Services"
- Previous message: dln: "Re: Which group has the ability to create contacts in AD?"
- In reply to: Tim: "Identify accounts with Blank Passwords"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
