Re: Multiple Password Policies

From: Cartman (Cartman_at_discussions.microsoft.com)
Date: 04/29/05 

Date: Fri, 29 Apr 2005 13:04:12 -0700

Thanks for your help guys. Since creating password filters involve some
development and time, I've been testing Passfilt Pro from Altusnet; however,
it lacks some user friendliness; in other words, I've set up 4 different
password policies; however, when user tries to change a pass, he/she gets a
message from "Default Domain Password" policy:
Default Domain Policy - Pass Min - 0 or "Not Defined"
Passfilt Policy1 - 5 chars.min. for Group1/User1
Passfilt Policy2 - 10 chars.min. for Group2/User2
Passfilt Policy3 - 20 chars.min. for Group3/User3
All they get is the message from Default Domain Policy stating the password
should be "0 characters." 

-- 
Thanks, 
Eric. 
"Joe Richards [MVP]" wrote:
> Only attempt this if you are a good Windows c/c++ coder or you know a good 
> Windows c/c++ coder because you can seriouly impact the stability and security 
> of your domain.
> 
> Start here (URL may Wrap):
> 
> http://msdn.microsoft.com/library/default.asp?url=/library/en-us/secmgmt/security/installing_and_registering_a_password_filter_dll.asp
> 
> 
> Note I am serious about having a good c/c++ programmer. This is not trivial. If 
> someone says that it is, they really don't understand the criticality and impact 
> behind this functionality and I would be wary.
> 
> You may also want to look at these folks - www.psynch.com
> 
> 
>    joe
> 
> 
> --
> Joe Richards Microsoft MVP Windows Server Directory Services
> www.joeware.net
> 
> 
> Cartman wrote:
> > I appreciate your responses. I guess "tricking the OS" was not the right 
> > term. What I'm trying to find out is where to start on writing those 
> > extensions. Does my policy have to check for OU membership? I guess I need 
> > some help finding a starting point. Passfilt Pro is a good filter; however, 
> > it offers only 4 password policies, but I'd like to have more... 
>
Quantcast