Sign in with
Sign up | Sign in
Your question

Password Policy

Last response: in Windows XP
Share
Anonymous
January 18, 2005 12:14:40 PM

Archived from groups: microsoft.public.windows.group_policy,microsoft.public.windowsxp.configuration_manage,microsoft.public.windowsxp.perform_maintain (More info?)

Hi :-)

Is it possible to set the password policy attributes in the registration
database or with a commandline?

regards

- Morten H Andersen -

More about : password policy

Anonymous
January 18, 2005 4:13:12 PM

Archived from groups: microsoft.public.windows.group_policy,microsoft.public.windowsxp.configuration_manage,microsoft.public.windowsxp.perform_maintain (More info?)

On Tue, 18 Jan 2005 09:14:40 +0100, "Morten H Andersen" <na@na.na> wrote:

>Hi :-)
>
>Is it possible to set the password policy attributes in the registration
>database or with a commandline?
>
>regards
>
>- Morten H Andersen -
>

net accounts /?

From Help:

Net accounts Updates the user accounts database and modifies password and logon requirements for all accounts.

Syntax
net accounts [/forcelogoff:{Minutes | no}] [/minpwlen:Length] [/maxpwage:{Days | unlimited}] [/minpwage:D ays] [/uniquepw:Number] [/domain]

Parameters
/forcelogoff:{Minutes | no}
Sets the number of minutes to wait before ending a user's session with a server when the user account or valid logon time expires. The default value, no, prevents users from being forced to log off.
/minpwlen:Length
Sets the minimum number of characters for a user account password. The range is from 0 through 127 characters and the default is six characters.
/maxpwage:{Days | unlimited}
Sets the maximum number of days that a user account's password is valid. The unlimited value sets no maximum time. The /maxpwage command-line option must be greater than /minpwage. The range is from 1 through 49,710 days (that is, unlimited
equals 49,710 days), and the default value is 90 days.
/minpwage:D ays
Sets the minimum number of days before a user can change a new password. The default value is zero days, which sets no minimum time. The range is from 0 through 49,710 days.
/uniquepw:Number
Requires a user to not repeat the same password for the specified Number of password changes. The range is from 0 through 24 password changes, and the default is five password changes.
/domain
Performs the operation on the primary domain controller of the current domain. Otherwise, the operation is performed on the local computer.
net help Command
Displays help for the specified net command.
Remarks
The Net Logon service must be running on the computer where you want to change account parameters. Used without parameters, net accounts displays the current settings for password, logon limitations, and domain information.
You must do the following before you can use net accounts:
Create user accounts. Use User Manager or net user to set up user accounts.
Run the Net Logon service on all servers that verify logon in the domain. Net Logon starts automatically at startup.
When you use /forcelogoff:Minutes, a warning is sent minutes before users are forced to log off from the network. Users are also notified if any files are open. If Minutes is less than two, users are warned to log off from the network
immediately.
Examples
To display the current settings, the password requirements, and the server role for a server, type:

net accounts

To set a minimum of seven characters for user account passwords, type:

net accounts /minpwlen:7

To specify that users can reuse a password only after the fifth time they change passwords, type:

net accounts /uniquepw:5

To prevent users from changing passwords more often than every seven days, force users to change passwords every 30 days, and force users to log off after the logon time expires with a five-minute warning, type:

net accounts /minpwage:7 /maxpwage:30 /forcelogoff:5

To ensure that the preceding settings take effect for the domain that the computer is logged on to, type:

net accounts /minpwage:7 /maxpwage:30 /domain



Jerold Schulman
Windows Server MVP
JSI, Inc.
http://www.jsiinc.com
Anonymous
January 19, 2005 4:23:53 PM

Archived from groups: microsoft.public.windows.group_policy,microsoft.public.windowsxp.configuration_manage,microsoft.public.windowsxp.perform_maintain (More info?)

Thanks!



How the hell could I miss that?? ;-))



I used the NET USER to create an account, but it lacks the parameter to set
"Password never expires" !!





"Jerold Schulman" <Jerry@jsiinc.com> wrote in message
news:D akqu0529e0ovborrv8ekcnvjg1v5huft5@4ax.com...
> On Tue, 18 Jan 2005 09:14:40 +0100, "Morten H Andersen" <na@na.na> wrote:
>
>>Hi :-)
>>
>>Is it possible to set the password policy attributes in the registration
>>database or with a commandline?
>>
>>regards
>>
>>- Morten H Andersen -
>>
>
> net accounts /?
>
> From Help:
>
> Net accounts Updates the user accounts database and modifies password and
> logon requirements for all accounts.
>
> Syntax
> net accounts [/forcelogoff:{Minutes | no}] [/minpwlen:Length]
> [/maxpwage:{Days | unlimited}] [/minpwage:D ays] [/uniquepw:Number]
> [/domain]
>
> Parameters
> /forcelogoff:{Minutes | no}
> Sets the number of minutes to wait before ending a user's session with a
> server when the user account or valid logon time expires. The default
> value, no, prevents users from being forced to log off.
> /minpwlen:Length
> Sets the minimum number of characters for a user account password. The
> range is from 0 through 127 characters and the default is six characters.
> /maxpwage:{Days | unlimited}
> Sets the maximum number of days that a user account's password is valid.
> The unlimited value sets no maximum time. The /maxpwage command-line
> option must be greater than /minpwage. The range is from 1 through 49,710
> days (that is, unlimited
> equals 49,710 days), and the default value is 90 days.
> /minpwage:D ays
> Sets the minimum number of days before a user can change a new password.
> The default value is zero days, which sets no minimum time. The range is
> from 0 through 49,710 days.
> /uniquepw:Number
> Requires a user to not repeat the same password for the specified Number
> of password changes. The range is from 0 through 24 password changes, and
> the default is five password changes.
> /domain
> Performs the operation on the primary domain controller of the current
> domain. Otherwise, the operation is performed on the local computer.
> net help Command
> Displays help for the specified net command.
> Remarks
> The Net Logon service must be running on the computer where you want to
> change account parameters. Used without parameters, net accounts displays
> the current settings for password, logon limitations, and domain
> information.
> You must do the following before you can use net accounts:
> Create user accounts. Use User Manager or net user to set up user
> accounts.
> Run the Net Logon service on all servers that verify logon in the domain.
> Net Logon starts automatically at startup.
> When you use /forcelogoff:Minutes, a warning is sent minutes before users
> are forced to log off from the network. Users are also notified if any
> files are open. If Minutes is less than two, users are warned to log off
> from the network
> immediately.
> Examples
> To display the current settings, the password requirements, and the server
> role for a server, type:
>
> net accounts
>
> To set a minimum of seven characters for user account passwords, type:
>
> net accounts /minpwlen:7
>
> To specify that users can reuse a password only after the fifth time they
> change passwords, type:
>
> net accounts /uniquepw:5
>
> To prevent users from changing passwords more often than every seven days,
> force users to change passwords every 30 days, and force users to log off
> after the logon time expires with a five-minute warning, type:
>
> net accounts /minpwage:7 /maxpwage:30 /forcelogoff:5
>
> To ensure that the preceding settings take effect for the domain that the
> computer is logged on to, type:
>
> net accounts /minpwage:7 /maxpwage:30 /domain
>
>
>
> Jerold Schulman
> Windows Server MVP
> JSI, Inc.
> http://www.jsiinc.com
!