Prohibit certain passwords in AD
- This topic has 4 replies, 4 voices, and was last updated 3 years, 2 months ago by .
Viewing 1 post (of 1 total)
Viewing 1 post (of 1 total)
You must be logged in to reply to this topic.
Home › Forums › Microsoft Networking and Management Services › Active Directory › Prohibit certain passwords in AD
Hi
I’ve been tasked with prohibiting certain passwords in AD, Like a blacklist of passwords such as Password1234 etc.
I had looked online but the explanations are too complex and I need a more layman’s understanding initially so I can see if I need to research or go 3rd party
From what I understand so far I need to create a group policy – default domain policy. then have a program compiled only using C with the banned passwords that runs as a thread of the LSA :???: from what I can see this is the only path.
Is this a complex operation ? Is it worth taking the risk doing this? What could be typical negative outcomes ? e.g. blue screening the DC.
Are 3rd party solutions preferable or Is that a waste of money for something that can implement myself ?
Id appreciate any info, big picture overview so I can consider an approach
I can rustle up a Powershell script but C if that is the only option is beyond me presently
Thanks for reading
Confuseis
You must be logged in to reply to this topic.
Find out more about our cookie policy here.