How to Enforce Password Complexity Policy settings Windows in local system
Is there any way we can enforce the password policy changes with the immediate effect i.e enforce the user to change the password while logon if it is not met newly added policy settings.
I heard that something we can do with Powershell WMI Bridge Scripting. I am very much new to it any help on this topic please.
But as per Miscrosoft
https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/hh994562(v=ws.10)
new password policy will come to effect when user changes password manually or age of the policy is over. not immediate.
is there any way we can enforce password change by config change or using powershell script.?
windows-7 windows powershell passwords group-policy
edited Feb 19 at 11:44
Seth
6,58611128
asked Feb 19 at 9:47
surendrasurendra
11
add a comment |
Is there any way we can enforce the password policy changes with the immediate effect i.e enforce the user to change the password while logon if it is not met newly added policy settings.
I heard that something we can do with Powershell WMI Bridge Scripting. I am very much new to it any help on this topic please.
But as per Miscrosoft
https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/hh994562(v=ws.10)
new password policy will come to effect when user changes password manually or age of the policy is over. not immediate.
is there any way we can enforce password change by config change or using powershell script.?
windows-7 windows powershell passwords group-policy
edited Feb 19 at 11:44
Seth
6,58611128
asked Feb 19 at 9:47
surendrasurendra
11
1
You can do pretty much anything you want with a PowerShell script, including set the password where it must be changed, and log out the user.
– Ramhound
Feb 19 at 12:51
In my understanding we can do the password complexity change and enforce with AD. is there any way to do with system group policy. please help me with any resources.
– surendra
Feb 19 at 15:34
What have you tried? The process to enforce this using a local group policy at the machine level should not be any different than enforcing it at the AD domain group policy level. The only issue you might run into is, if the users are Administrators, they can simply change the policy and flag their account's password as never expiring.
– Ramhound
Feb 19 at 15:45
@Ramhound In terms of WMI I am not tried anything...as I am not aware that how this one will work. if you have any sample code for wmi GPO password policy settings?
– surendra
Feb 20 at 9:12
@Ramhound in AD this is the setting i observed Set-ADUser -Filter * -ChangePasswordAtLogon:$true is there any such kind of settings in GPO
– surendra
Feb 20 at 9:15
add a comment |
Is there any way we can enforce the password policy changes with the immediate effect i.e enforce the user to change the password while logon if it is not met newly added policy settings.
I heard that something we can do with Powershell WMI Bridge Scripting. I am very much new to it any help on this topic please.
But as per Miscrosoft
https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/hh994562(v=ws.10)
new password policy will come to effect when user changes password manually or age of the policy is over. not immediate.
is there any way we can enforce password change by config change or using powershell script.?
windows-7 windows powershell passwords group-policy
edited Feb 19 at 11:44
Seth
6,58611128
asked Feb 19 at 9:47
surendrasurendra
11
Is there any way we can enforce the password policy changes with the immediate effect i.e enforce the user to change the password while logon if it is not met newly added policy settings.
I heard that something we can do with Powershell WMI Bridge Scripting. I am very much new to it any help on this topic please.
But as per Miscrosoft
https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/hh994562(v=ws.10)
new password policy will come to effect when user changes password manually or age of the policy is over. not immediate.
is there any way we can enforce password change by config change or using powershell script.?
windows-7 windows powershell passwords group-policy
windows-7 windows powershell passwords group-policy
edited Feb 19 at 11:44
Seth
6,58611128
asked Feb 19 at 9:47
surendrasurendra
11
edited Feb 19 at 11:44
Seth
6,58611128
asked Feb 19 at 9:47
surendrasurendra
11
edited Feb 19 at 11:44
Seth
6,58611128
edited Feb 19 at 11:44
Seth
6,58611128
edited Feb 19 at 11:44
Seth
6,58611128
6,58611128
asked Feb 19 at 9:47
surendrasurendra
11
asked Feb 19 at 9:47
surendrasurendra
11
asked Feb 19 at 9:47
surendrasurendra
11
11
1
You can do pretty much anything you want with a PowerShell script, including set the password where it must be changed, and log out the user.
– Ramhound
Feb 19 at 12:51
In my understanding we can do the password complexity change and enforce with AD. is there any way to do with system group policy. please help me with any resources.
– surendra
Feb 19 at 15:34
What have you tried? The process to enforce this using a local group policy at the machine level should not be any different than enforcing it at the AD domain group policy level. The only issue you might run into is, if the users are Administrators, they can simply change the policy and flag their account's password as never expiring.
– Ramhound
Feb 19 at 15:45
@Ramhound In terms of WMI I am not tried anything...as I am not aware that how this one will work. if you have any sample code for wmi GPO password policy settings?
– surendra
Feb 20 at 9:12
@Ramhound in AD this is the setting i observed Set-ADUser -Filter * -ChangePasswordAtLogon:$true is there any such kind of settings in GPO
– surendra
Feb 20 at 9:15
add a comment |
1
You can do pretty much anything you want with a PowerShell script, including set the password where it must be changed, and log out the user.
– Ramhound
Feb 19 at 12:51
In my understanding we can do the password complexity change and enforce with AD. is there any way to do with system group policy. please help me with any resources.
– surendra
Feb 19 at 15:34
What have you tried? The process to enforce this using a local group policy at the machine level should not be any different than enforcing it at the AD domain group policy level. The only issue you might run into is, if the users are Administrators, they can simply change the policy and flag their account's password as never expiring.
– Ramhound
Feb 19 at 15:45
@Ramhound In terms of WMI I am not tried anything...as I am not aware that how this one will work. if you have any sample code for wmi GPO password policy settings?
– surendra
Feb 20 at 9:12
@Ramhound in AD this is the setting i observed Set-ADUser -Filter * -ChangePasswordAtLogon:$true is there any such kind of settings in GPO
– surendra
Feb 20 at 9:15
1
1
You can do pretty much anything you want with a PowerShell script, including set the password where it must be changed, and log out the user.
– Ramhound
Feb 19 at 12:51
You can do pretty much anything you want with a PowerShell script, including set the password where it must be changed, and log out the user.
– Ramhound
Feb 19 at 12:51
In my understanding we can do the password complexity change and enforce with AD. is there any way to do with system group policy. please help me with any resources.
– surendra
Feb 19 at 15:34
In my understanding we can do the password complexity change and enforce with AD. is there any way to do with system group policy. please help me with any resources.
– surendra
Feb 19 at 15:34
What have you tried? The process to enforce this using a local group policy at the machine level should not be any different than enforcing it at the AD domain group policy level. The only issue you might run into is, if the users are Administrators, they can simply change the policy and flag their account's password as never expiring.
– Ramhound
Feb 19 at 15:45
What have you tried? The process to enforce this using a local group policy at the machine level should not be any different than enforcing it at the AD domain group policy level. The only issue you might run into is, if the users are Administrators, they can simply change the policy and flag their account's password as never expiring.
– Ramhound
Feb 19 at 15:45
@Ramhound In terms of WMI I am not tried anything...as I am not aware that how this one will work. if you have any sample code for wmi GPO password policy settings?
– surendra
Feb 20 at 9:12
@Ramhound In terms of WMI I am not tried anything...as I am not aware that how this one will work. if you have any sample code for wmi GPO password policy settings?
– surendra
Feb 20 at 9:12
@Ramhound in AD this is the setting i observed Set-ADUser -Filter * -ChangePasswordAtLogon:$true is there any such kind of settings in GPO
– surendra
Feb 20 at 9:15
@Ramhound in AD this is the setting i observed Set-ADUser -Filter * -ChangePasswordAtLogon:$true is there any such kind of settings in GPO
– surendra
Feb 20 at 9:15
add a comment |
0
active
oldest
votes
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "3"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1407376%2fhow-to-enforce-password-complexity-policy-settings-windows-in-local-system%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
0
active
oldest
votes
0
active
oldest
votes
active
oldest
votes
active
oldest
votes
Thanks for contributing an answer to Super User!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1407376%2fhow-to-enforce-password-complexity-policy-settings-windows-in-local-system%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
1
You can do pretty much anything you want with a PowerShell script, including set the password where it must be changed, and log out the user.
– Ramhound
Feb 19 at 12:51
In my understanding we can do the password complexity change and enforce with AD. is there any way to do with system group policy. please help me with any resources.
– surendra
Feb 19 at 15:34
What have you tried? The process to enforce this using a local group policy at the machine level should not be any different than enforcing it at the AD domain group policy level. The only issue you might run into is, if the users are Administrators, they can simply change the policy and flag their account's password as never expiring.
– Ramhound
Feb 19 at 15:45
@Ramhound In terms of WMI I am not tried anything...as I am not aware that how this one will work. if you have any sample code for wmi GPO password policy settings?
– surendra
Feb 20 at 9:12
@Ramhound in AD this is the setting i observed Set-ADUser -Filter * -ChangePasswordAtLogon:$true is there any such kind of settings in GPO
– surendra
Feb 20 at 9:15