PswdRequired Field

[Guest]

We have a Windows 2000 AD domain. The dumpsec 2000 tool has been run on our domain controllers and it outputs th
PswdRequired field and shows it set to "No" for certain user accounts. Our domain password policy has a minimum password length of 8 characters.

This blank password setting is found in a Windows NT 4 domain but I do not see it in AD. So now our auditor thinks we allow blank passwords.

I don't see this field any where including ADSI Edit. Is this just some legacy thing or what

Thanks - James

 

[Steven L Umbach]

I would examine those user accounts and see how their properties differ from
other users who do not report the same. Possibly some other account option
is being interpreted wrongly [password never expires or user can not change
password??]. Another thing to try is to email the folks at Somar and ask
them what is going on. Also run "net user username" on the domain controller
to see what it reports for one of those users to see if it provides a
clue.--- Steve

We have a Windows 2000 AD domain. The dumpsec 2000 tool has been run on

our domain controllers and it outputs the

PswdRequired field and shows it set to "No" for certain user accounts.

Our domain password policy has a minimum password length of 8 characters.

This blank password setting is found in a Windows NT 4 domain but I do not

see it in AD. So now our auditor thinks we allow blank passwords.