Prohibit certain passwords in AD

Home Forums Microsoft Networking and Management Services Active Directory Prohibit certain passwords in AD

Viewing 1 post (of 1 total)
  • Author
    Posts
  • Avatar
    confuseis
    Participant
    #167280

    Hi

    I’ve been tasked with prohibiting certain passwords in AD, Like a blacklist of passwords such as Password1234 etc.

    I had looked online but the explanations are too complex and I need a more layman’s understanding initially so I can see if I need to research or go 3rd party

    From what I understand so far I need to create a group policy – default domain policy. then have a program compiled only using C with the banned passwords that runs as a thread of the LSA :???: from what I can see this is the only path.

    Is this a complex operation ? Is it worth taking the risk doing this? What could be typical negative outcomes ? e.g. blue screening the DC.

    Are 3rd party solutions preferable or Is that a waste of money for something that can implement myself ?

    Id appreciate any info, big picture overview so I can consider an approach

    I can rustle up a Powershell script but C if that is the only option is beyond me presently

    Thanks for reading

    Confuseis

Viewing 1 post (of 1 total)

You must be logged in to reply to this topic.