But it's possible that someone changed this policy, created the account, and
changed it back.
I've done this myself (several times for service accounts to avoid [HP]
protect tool's obfuscation process).
It might not even have been intentional. One admin could have messed with
the policy and several minutes later (that's all its going to take if you're
in the same site as the PDCe) another admin created the user.
--Paul
________________________________
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Tom Kern
Sent: Wednesday, September 06, 2006 11:44 AM
To: [email protected]
Subject: Re: [ActiveDir] Strange password issue
If you mean before the policy was set up, then, no.
This policy has been in effect for a couple of years and
the account was created a month ago..
Maybe the PC is not getting the Default Domain Policy?
On 9/6/06, Williams, Robert
<[EMAIL PROTECTED]> wrote:
Tom,
This is just a stab in the dark but is it
possible that this user's password was set prior to the Default Domain
Policy being in effect?
Robert Williams
________________________________
From:
[EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Tom Kern
Sent: Wednesday, September 06, 2006 9:39 AM
To: activedirectory
Subject: [ActiveDir] Strange password issue
I'm having this weird issue where I have a user
account who is able to log in with a blank password.
The Default Domain Policy is set to a min
password length of 6 characters.
The userAccountControl on the user is set to
512.
The Domain is at win2k3 DFL and FFL.
Is there any other way besides a migration tool
like Quest that could circumvent this policy and allow blank passwords?
Thanks
2006-09-06, 11:32:05
The information contained in this e-mail message
and any attachments may be privileged and confidential. If the reader of
this message is not the intended recipient or an agent responsible for
delivering it to the intended recipient, you are hereby notified that
any review, dissemination, distribution or copying of this communication
is strictly prohibited. If you have received this communication in
error, please notify the sender immediately by replying to this e-mail
and delete the message and any attachments from your computer.
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx
