为符合复杂性策略的AD用户帐户生成密码
[英]Generate password for AD user account that meets complexity policy
问题描述
I need to create AD users automatically. 
我需要自动创建AD用户。 The problem is, making sure the generated password meets the password policy of AD . 问题是,确保生成的密码符合AD的密码策略。 I don't know what the policy will be, is there a way to determine that at runtime? 我不知道该政策是什么,是否有办法在运行时确定该政策? This is what I'm using but you can see the complexity is static to length=16 and 4 non-alphanumeric chars and might not always work. 这就是我正在使用的内容,但是您可以看到,对于length=16和4 non-alphanumeric chars ,复杂度是静态的,并且可能并不总是有效。 I am looking for a way to get the password policy from AD so the generated passwords are correct. 我正在寻找一种从AD获取密码策略的方法,以便生成的密码正确。
UserPrincipal up = new UserPrincipal(oPrincipalContext);
up.SamAccountName = userId;
up.SetPassword(System.Web.Security.Membership.GeneratePassword(16, 4));
up.Enabled = false;
up.ExpirePasswordNow();
up.Save();
1 个解决方案
解决方案1
0 2015-07-18 05:06:26
This is what I'm using. 这就是我正在使用的。 I'm getting the password properties using DirectoryEntry/LDAP , then use those to create the password. 我使用DirectoryEntry/LDAP获取密码属性,然后使用这些属性来创建密码。
DirectoryEntry child = new DirectoryEntry("LDAP://machine/DC=domain,DC=com");
int minPwdLength = (int)child.Properties["minPwdLength"].Value;
int pwdProperties = (int)child.Properties["pwdProperties"].Value;
Use the properties when creating the password. 创建密码时使用属性。
UserPrincipal up = new UserPrincipal(oPrincipalContext);
up.SamAccountName = userId;
up.SetPassword(System.Web.Security.Membership.GeneratePassword(minPwdLength,
pwdProperties));
up.Enabled = true;
up.ExpirePasswordNow();
up.Save();
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.