none
Domain control password modification policy factors (域控密码修改策略因素) RRS feed

All replies

  • Hi super.ma,

    Thank you for posting here.

    For your question, please check the link below. It gives a good explanation.

    https://blogs.technet.microsoft.com/askds/2009/02/15/machine-account-password-process-2/

    Best Regards,

    Wendy



    MSDN Community Support
    Please remember to click "Mark as Answer" the responses that resolved your issue, and to click "Unmark as Answer" if not. This can be beneficial to other community members reading this thread. If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com.

    • Proposed as answer by Stanly Fan Friday, November 9, 2018 1:42 AM
    Thursday, October 18, 2018 7:59 AM
    Moderator
  • https://social.technet.microsoft.com/Forums/zh-CN/1f9bcf89-db81-40cd-9191-4acf93d1ea54/22495255112349430721204622591331574300532224032032?forum=windowsserversystemzhchs

    2、域控管理员(administrator)登录后,右键具体的域账号,“重置密码”选项,目前仅受“密码长度8个字符”限制,其它并无限制?

    请确认,通过控制台直接重置密码是否有:

    “强制密码历史”策略限制?

    “密码必须符合复杂性要求”?

    “密码长度最小值”?

    Wednesday, November 28, 2018 1:16 AM
  • When you reset password for other account as Administrator, the password is supposed to be temporary (user should change password on their first logon) so the password rule is more relax.

    Btw, there would be no way to implement "password history" check. For one thing, the previous password hashes are stored in user profile which is not avaliable while you login with another account. For the other, this would mean the domain administrator account would have full access to all the collection of password the users using. Since lots of people use "rotatory password strategy" (when required to change password, choose password from a list commonly used by them), if someone hacked in the domain it'll cause serious security implication. So I think they wouldn't implement it even if they're requested to.

    Wednesday, November 28, 2018 1:46 AM
    Answerer