Custom Password Complexity in AD?

[Jake Paris]

Folk, is there any tutorial out there, or advice you can provide on using a
MMC snap-in or some other program to create custom password complexity
requirements under AD? Like I wanna make these folks not have their password
be their username or anything horrible like that, but this is a small
company very set in its ways, and I had to fight tooth and nail to force
them to expire their passwords every 90 days... if I start telling them
their passwords need to follow the MS defaults for strong passwords, I think
they'll string me up

Thanks in advance.

 

[Tim Springston \(MSFT\)]

This doesn't directly answer your question, Jake, but you could try running
the MBSA on their machines to show them the weakneses they are providing
potential bad guys. Password complexity is one of those checked by it.

Microsoft Baseline Security Analyzer v1.1.1 (for IT Professionals)
The Microsoft Baseline Security Analyzer provides a streamlined method of
identifying common security misconfigurations.
http://www.microsoft.com/downloads/...3b-92e3-4f97-80e7-8bc9ff836742&DisplayLang=en

 

[Jake Paris]

FYI folks, I did finally find an answer on this through alot of searching.
The answer actually came from the MSDN, which scared me right off the bat...
because the answer is that you have to program your own password complexity
..dll... which is a bit out of my league. Dunno where to go from here, other
than looking at hiring a temp consultant to come in and set this up for me,
however, I figured I would pass along the info anyways.

http://msdn.microsoft.com/library/d...ing_and_registering_a_password_filter_dll.asp