You
can't do this natively but you can write a password filter DLL to hook into the
LSASS to do it. It isn't a trivial experiment as bad code will do bad things
since it is running as LSASS and when LSASS gets cranky, blue tends to be your
predominant screen theme color.
There
are some third party tools out there but I have never investigated them to see
how good they are. Note that they tend to be licensed by both number of users
and number of domain controllers because the DLL must be loaded on every DC.
joe
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED]
Sent: Tuesday, August 05, 2003 4:59 PM
To: [EMAIL PROTECTED]
Subject: [ActiveDir] Non-dictionary passwords
Does anyone know if you can setup AD so that when someone changes there password it will not let them change it with a dictionary word? Because $password1 will work if you have it set to "Password must meet complexity requirements" if not what is a good software to do this with?
Thanks again!
Ryan McDonald
Systems Administrator
The Bankers Bank
770-805-2304
