| external help file | krbtgtRotate-help.xml |
|---|---|
| online version | https://technet.microsoft.com/en-us/library/cc786468.aspx |
| schema | 2.0.0 |
This function tests if a given string will meet the complexity requirements specified.
Test-ComplexPassword [-Password] <String> [[-User] <String>] [[-MinPasswordLength] <Int32>]
[[-ComplexityEnabled] <Boolean>] [[-CharTypeMinimum] <Int32>]
This function tests if the supplied string (password) will meet the password requirements of the current domain.
-Required modules ActiveDirectory
-Required functions
-PS Script Analyzer exceptions -PSAvoidUsingPlainTextForPassword - In order to evaluate the password for complexity and pattern matching, it must be in plain text. -PSAvoidUsingUserNameAndPassWordParams - Because both the user object and password are being evaluated (complexity check), using descriptive parameters is better than using compliant albeit vague or misleading names.
PS > Test-ComplexPassword -Password 'krbtgtPasswordSecret!1' -User krbtgt
WARNING: Password matches SamAccountName, not allowed when complexity enabled.
False
Testing if the supplied password would be complex for the specified user, received a warning and 'False' (failing) status returned. The failed status was because the password had a match for the SamAccountName of the account specified.
PS > Test-ComplexPassword -Password 'adminPasswordSecret!1' -User krbtgt
True
Testing if the supplied password would be complex for the specified user, result was 'True' (passing). Because the password does not contain the SamAccountName and matches 3 of the 5 character sets, result is passing.
Specifies the password to test for complexity.
Type: String
Parameter Sets: (All)
Aliases:
Required: True
Position: 1
Default value:
Accept pipeline input: True (ByValue)
Accept wildcard characters: FalseSpecifies the user (account) where the password will be set - evaluation of matching characters in the password and SamAccountName.
Type: String
Parameter Sets: (All)
Aliases:
Required: False
Position: 2
Default value:
Accept pipeline input: True (ByValue)
Accept wildcard characters: FalseSpecifies the minimum password length, typically gathered from the current working domain.
Type: Int32
Parameter Sets: (All)
Aliases:
Required: False
Position: 3
Default value: 0
Accept pipeline input: True (ByValue)
Accept wildcard characters: FalseSpecifies if complexity is enabled for passwords, typically gathered from the current working domain.
Type: Boolean
Parameter Sets: (All)
Aliases:
Required: False
Position: 4
Default value: False
Accept pipeline input: True (ByValue)
Accept wildcard characters: FalseSpecifies the minimum number of different types of characters that must be present in the password under test.
Type: Int32
Parameter Sets: (All)
Aliases:
Required: False
Position: 5
Default value: 0
Accept pipeline input: True (ByValue)
Accept wildcard characters: False- parameter 'ComplexityTypeMinimum' is now 'CharTypeMinimum'
- moved evaluation of default domain policy out of parameter section into 'begin'
- now evaluating all the rules for complexity - displayName matching rules now tested.
- proper help added
- added exception to PSScriptAnalyzer rules
- rework of several pieces, bumping to v0.2.0 for module
- update verbose message returned
- updated to allow minPasswordLength, complexityEnabled, and CharTypeMinimum from pipeline
- initial creation
https://technet.microsoft.com/en-us/library/cc786468.aspx