[英]Generate password for AD user account that meets complexity policy
I need to create AD
users automatically. 我需要自动创建AD
用户。 The problem is, making sure the generated password meets the password policy of AD
. 问题是,确保生成的密码符合AD
的密码策略。 I don't know what the policy will be, is there a way to determine that at runtime? 我不知道该政策是什么,是否有办法在运行时确定该政策? This is what I'm using but you can see the complexity is static to length=16
and 4 non-alphanumeric chars
and might not always work. 这就是我正在使用的内容,但是您可以看到,对于length=16
和4 non-alphanumeric chars
,复杂度是静态的,并且可能并不总是有效。 I am looking for a way to get the password policy from AD
so the generated passwords are correct. 我正在寻找一种从AD
获取密码策略的方法,以便生成的密码正确。
UserPrincipal up = new UserPrincipal(oPrincipalContext);
up.SamAccountName = userId;
up.SetPassword(System.Web.Security.Membership.GeneratePassword(16, 4));
up.Enabled = false;
up.ExpirePasswordNow();
up.Save();
This is what I'm using. 这就是我正在使用的。 I'm getting the password properties using DirectoryEntry/LDAP
, then use those to create the password. 我使用DirectoryEntry/LDAP
获取密码属性,然后使用这些属性来创建密码。
DirectoryEntry child = new DirectoryEntry("LDAP://machine/DC=domain,DC=com");
int minPwdLength = (int)child.Properties["minPwdLength"].Value;
int pwdProperties = (int)child.Properties["pwdProperties"].Value;
Use the properties when creating the password. 创建密码时使用属性。
UserPrincipal up = new UserPrincipal(oPrincipalContext);
up.SamAccountName = userId;
up.SetPassword(System.Web.Security.Membership.GeneratePassword(minPwdLength,
pwdProperties));
up.Enabled = true;
up.ExpirePasswordNow();
up.Save();
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.