Passwords in AD are stored via a one-way cryptographic hash. AD can't see the password to judge its strength. Those functions only apply on the domain controllers when changing a password.
While we're on the subject, what is everyone's favorite password filtering product/method? Daniel Wolf Keep the planet green. Don't print email. In fact, don't print anything. From: [email protected] [mailto:[email protected]] On Behalf Of Kuehn, Shannon Sent: Wednesday, July 16, 2014 3:31 PM To: '[email protected]' Subject: [NTSysADM] Password Complexity Implementation Questions Hi all, Quick questions for the uber skilled (many thanks in advance): - When implementing password complexity via GPO, what happens to my users who are logged in with poor passwords? Do they get prompted to change their password when the GPO refreshes? - What will happen to users traveling? Most of my users have a desktop in the office (authenticated to our AD controllers) and a laptop they travel with (to access our Citrix environment remotely). When the GPO refreshes, are they SOL? - I intend to flesh out as much as possible before inconveniencing my users (I promise). The thing I'm having a tough time figuring out are answers to the above 2 questions. Any help or ideas you can offer, will be awesome and very much appreciated. ________________________________________ E-MAIL CONFIDENTIALITY NOTICE: The contents of this e-mail message and any attachments are intended solely for the addressee(s) and may contain confidential and/or legally privileged information. If you are not the intended recipient of this message or if this message has been addressed to you in error, please immediately alert the sender by reply e-mail and then delete this message and any attachments. If you are not the intended recipient, you are notified that any use, dissemination, distribution, copying, or storage of this message or any attachment is strictly prohibited. GEM Realty Capital, Inc. and its affiliates and subsidiaries are not responsible for any recommendation, solicitation, offer or agreement or any information about any transaction, customer account or account activity contained in this communication.
smime.p7s
Description: S/MIME cryptographic signature
