以编程方式读取本地密码策略 [英] Reading the local password policy programmatically

问题描述

是否有允许读取当前密码策略的 Windows API 函数?例如，最小长度、复杂度等.

Are there Windows API functions that allows reading what the current password policy is? For instance, minimum length, complexity etc.

如果没有阅读，有没有办法以编程方式根据策略验证密码?

If not reading, is there a way to verify a password against the policy programmatically?

推荐答案

参见 安全观察 Windows 域密码策略.您可以使用 ADSI 或其包装器点击 AD.我找到了一个 VBScript 示例.您可以将其翻译成您想要的任何语言:

See Security Watch Windows Domain Password Policies. You can hit AD using ADSI or its wrappers. I found a VBScript sample. You can translate it to any language you want:

Sub ListPasswordPolicyInfo( strDomain )
    Dim objComputer
    Set objComputer = GetObject("WinNT://" & strDomain )
    WScript.Echo "MinPasswordAge: " &  ((objComputer.MinPasswordAge) / 86400)
    WScript.Echo "MinPasswordLength: " &  objComputer.MinPasswordLength
    WScript.Echo "PasswordHistoryLength: " &  objComputer.PasswordHistoryLength
    WScript.Echo "AutoUnlockInterval: " &  objComputer.AutoUnlockInterval
    WScript.Echo "LockOutObservationInterval: " &  objComputer.LockOutObservationInterval
End Sub

Dim strDomain
Do
    strDomain = inputbox( "Please enter a domainname", "Input" )
Loop until strDomain <> ""

ListPasswordPolicyInfo( strDomain )

作为奖励，请查看 LDAP 管理员.这是一个开源的 LDAP 目录编辑器，您可以用它来测试事物，也可以检查用 Delphi 编写的代码.

As a bonus, check out LDAP Admin. It's an open source LDAP directory editor, which you can use to test things, and also checkout the code written in Delphi.

这篇关于以编程方式读取本地密码策略的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！