My Preferred GUI For Fine Graine Password Policy

Hello World,

Lately, i had to work a little bit with the fine graine policy feature of Windows 2008. Windows 2008 provide the ability to create multiple password policies within a domain. You coud for example enforce that admin and service account need longer and complex password than other “normal users”. This functionality was not available as a built-in feature.

To create a password policy, you have to go through ADSI Edit MMC console and you will go through a small wizard. (10 Screens). I have a preference for scripting or command line tools. The easiest way would be to use the LDIFDE command line tool. You can also use powershell scripts to create such objects.

The creation process is not really complex. However, i had some customers asking me if there were some GUI available to perform such operations. The answer is YES!!!. Some GUI are available around. I list some of them hereafter :

SecOps Password policy basic : Secops provide a free shrinked version of one of their commercial product. The software is free but you need to register to download it and you have limited features. You can have more info here

PowerGUI cmdlet pack : If you are using the powerGui pack, you can add the following pack. Using this addon, you will be able to manager your password policy through the powerGUI.

Parhelia web site offer also a free GUI for managing your password policy. This GUI is quite ok. What i like about it is that you do not need to perform any installation. it’s a self-executable. Ideal for environment where you don’t want or can’t install software on servers. You can download the tool here

Fine Graine Password Policy tool is definitely my favourite GUI. The tool can be downloaded here. The tool is perfect for enterprise environment. The author of the application has created a full featured MMC snap-in that integrates nicely with the other MMC administrative tools. With this tool, you can create, modify and delete your PSO objects. you can also apply your policies as required. If i was Microsoft, i would integrate this MMC in the resource kit.

That’s it for this post… Choose your preferred tool and enjoy it

see ya

4 thoughts on “My Preferred GUI For Fine Graine Password Policy

  1. Your blog keeps getting better and better! Your older articles are not as good as newer ones you have a lot more creativity and originality now. Keep it up!
    And according to this article, I totally agree with your opinion, but only this time! 🙂

  2. You have to express more your opinion to attract more readers, because just a video or plain text without any personal approach is not that valuable. But it is just form my point of view

Leave a Reply