活动目录检查 [英] Active directory checking

问题描述

我想更改一个活动目录用户的密码，该用户没有最后3个密码的新密码。

I want to change the password for an active directory user who shoud not have this new password for last 3 passwords.

例如，用户user1以"Password1"开头。初始登录。

for example, the user user1 started with "Password1" initial logon.

如果我将其更改为"密码2"在第二次和第三次作为"密码3"。（通过c＃程序翻转）

if i change that into "Password2" at the second time and the third time as "Password3".(everthing through c# program)

如果我去第4次以编程方式通过c＃更改用户的密码它不接受"密码1"或"密码2"或或"密码3"。目前它正在接受。它应该告诉任何异常，如果我输入3个密码，

if i go and change the password for an user through c# programmatically on the 4 th time then it shoud not accept "Password1" or "Password2" or "Password3". currently it is accepting. it should tell any exeception if i enter either 3 passwords mentioned,

我正在使用NTLM协议和UserPrincipal上下文对象。

I am using NTLM protocol and UserPrincipal context object for this.

请告知。如何在更改时限制最后3个密码。

Please advise. how could i restrict these last 3 passwords while changing.

推荐答案

您好，

来自活动目录策略本身，您可以设置安全策略，以便在帐户策略 - >密码政策 - >强制执行Passowrd历史记录

From active directory policy itself you can set Security Policy so that in Account Policies -> Password Policy -> Enforce Passowrd History

在保留区域密码历史记录中指定3。

Specify 3 in Keep password history for area.

因此，如果您的密码不符合此政策，则在使用UserPrincipal对象时会抛出一个例外，你可以将其作为客户可读的错误信息。

So that while using UserPrincipal Object if your password doens't meet this policy it will throws an exception you can hanlde it as an error message readable for your client.

 

问候。

 

这篇关于活动目录检查的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！