Re: NT4 password limited to 14 characters ?

Hi,

sorry for my poor english but what does "Do experiment" mean please ? :D It means "make some tests" ?

Because it is what I already did with no success :D

It doesn't seem that NT allows long passwords if we try to set up them via usrmgr,Dameware or net user command

Thanks
We share the inconclusion.
NT allows long passwords - but those aren't always effectively used. Sometimes, depending on the setting, only part of the password is used. I think this is the truth.
Now do experiment please.

--
Svyatoslav Pidgorny, MS MVP - Security, MCSE
-= F1 is the key =-

* http://sl.mvps.org * http://msmvps.com/blogs/sp *

"Pascal" <pascal_t@xxxxxxxxxxxxxxxxxx> wrote in message news:mn.93497d77256998b5.70874@xxxxxxxxxxxxxxxxxxxxx
Thank you Svyatoslav .

I have read the article but nothing permits me to conclude that we cannot setup a password that has more than 14 characters :-/

But it is written that NT4 Sp6 supports NTLMv2.

So ... :D

P.S: I have made a new test where I forced my 2k client (SP4) to use only NTLMv2 method (lmcompatibilitylevel to 3) while the LMcompatibility level was at 5 on my PDC NT4 Sp6.
But the problem remains when I try to change the password through my win2k client.

Thanks guys

Here's some facts about lmcompatibilitylevel:

http://www.microsoft.com/technet/technetmag/issues/2006/08/SecurityWatch/default.aspx


--
Svyatoslav Pidgorny, MS MVP - Security, MCSE
-= F1 is the key =-

* http://sl.mvps.org * http://msmvps.com/blogs/sp *

"Pascal" <pascal_t@xxxxxxxxxxxxxxxxxx> wrote in message news:mn.8aa37d77a4d720b7.70874@xxxxxxxxxxxxxxxxxxxxx
Here is what I did, just to be sure that it is the right method to disable LM hash :
On my PDC (NT4 Sp6a),

I have created a DWORD value (LMCompatibilityLevel) on HKEY_LOCAL_MACHINE\System\CurrentControlSet\control\LSA
with Value = 5 (Refuse LM and NTLM)

and

NtlmMinServerSec and NtlmMinClientSec (DWORD) on MSV1_0 with 0 as value.

Then I have restarted the PDC.

When I try to change the password from usrmgr, damewarent utilities or through a 2000 workstation, I always have an error saying that the password does not meet the password policy requirements but it's false
:D

If I set "12345678901234" as password it works.
If I set "123456789012345" I have the message quoted above. (Same issue with a real complex password like IL0veLMH@shP@ssw0rd! )

This is quite strange because I have never really seen some people complaining about this limitation.

Thank you



OT but I must say: I like your style, George.

On Jul 16, 2:57 pm, "George Valkov" <a...@xxxxx> wrote:
Error lookup: 2245
{
The password does not meet the password policy requirements. Check the
minimum password length, password complexity and password history
requirements.}

Try a more complex password like this:
aBcD1234.$#~9012@!-+789

-- Pascal



-- Pascal



--
Pascal


.

Relevant Pages

  • Re: NT4 password limited to 14 characters ?
    ... I have made a new test where I forced my 2k client to use only NTLMv2 method (lmcompatibilitylevel to 3) while the LMcompatibility level was at 5 on my PDC NT4 Sp6. ... When I try to change the password from usrmgr, damewarent utilities or through a 2000 workstation, I always have an error saying that the password does not meet the password policy requirements but it's false:D ... (Same issue with a real complex password like IL0veLMH@shP@ssw0rd! ...
    (microsoft.public.windows.server.security)
  • Re: NT4 password limited to 14 characters ?
    ... NtlmMinServerSec and NtlmMinClientSec on MSV1_0 with 0 as value. ... Then I have restarted the PDC. ... When I try to change the password from usrmgr, damewarent utilities or through a 2000 workstation, I always have an error saying that the password does not meet the password policy requirements but it's false:D ... (Same issue with a real complex password like IL0veLMH@shP@ssw0rd! ...
    (microsoft.public.windows.server.security)