In windows local security policies there is a complexity requirement. I would like to be able to enable it in a batch-file that enables other password stuff like length, age, etc.
::this will change the minimum length of the password
net accounts /minpwlen:8
::this will change the maximum age of the password
net accounts /maxpwage:30
::this will change the minimum age of the password
net accounts /minpwage:5
::this will change the number of passwords stored
net accounts /uniquepw:5
Above is most of what I want but I can't figure out how I enable the complexity in batch. Thanks in advance. also if you have any other ideas how to do this I'm open.
I had similar situation once and what I did was:
setlocal EnableDelayedExpansion
SecEdit.exe /export /cfg "%temp%\sec-template.cfg" >nul 2>&1
set names=MaximumPasswordAge MinimumPasswordLength PasswordComplexity PasswordHistorySize
set values[MaximumPasswordAge]=90
set values[MinimumPasswordLength]=6
set values[PasswordComplexity]=1
set values[PasswordHistorySize]=10
for /F "delims== tokens=1,*" %%X in ('type "%temp%\sec-template.cfg"') do (
call :trim "%%X"
set cur_name=!result!
for %%I in (%names%) do (
if "!cur_name!" equ "%%I" (
set value== !values[%%I]!
)
)
if not defined value if "%%Y" neq "" (
call :trim "%%Y"
set value== !result!
)
echo !cur_name! !value! >> "%temp%\sec-template2.cfg"
set value=
)
SecEdit.exe /configure /db secedit.sdb /cfg "%temp%\sec-template2.cfg" >nul 2>&1
del /q "%temp%\sec-template2*.cfg" >nul 2>&1
if exist "%~dp0secedit.sdb" del "%~dp0secedit.sdb" >nul 2>&1
goto :eof
:trim
set result=%~1
set "f=!result:~0,1!" & set "l=!result:~-1!"
if "!f!" neq " " if "!l!" neq " " goto :eof
if "!f!" equ " " set result=!result:~1!
if "!l!" equ " " set result=!result:~0,-1!
call :trim "!result!"
goto :eof
Hope it helps.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.