Managing Fine Grained Password Policies…
By tyson.kopczynski on Tue, 09/18/07 - 2:35am.One of my co-workers recently asked me if there was a better method for managing Fine Grained Password polices in Windows Server 2008. Basically, he came across Microsoft’s (pretty good) step-by-step for using this feature on TechNet – Link. Upon reading the first step, he quickly realized that managing this feature was going to suck.
Why Microsoft! Like BitLocker, you yet again taunt us with a really cool feature. But, yet again the management of the feature is from the bowls of suckiness. I’m actually biting my tongue here. Yes, if I really wanted to… I could fire up adsiedit and ldifde to complete the management task at hand. But, I have to ask the question, what about the IT Pros that don’t dabble with those tools on a daily basis? You know, the ones managing your products. Forgive me for getting riled up. But, you did this to me with BitLocker and there is yet again a cool feature that isn’t fully baked. I shouldn’t have to go through a multi-step process involving several different tools just to manage one feature. Give me a GUI that is driven by a set of PowerShell cmdlets (click or command it). Errr… like Quest did.
Anyhow, I’m done. My reply to my co-worker was to use either the PasswordSettingsObject cmdlets from Quest or the PowerGUI snap-in which uses those cmdlets - http://powergui.org/entry.jspa?externalID=882&categoryID=46.
For all of today's Microsoft news, visit the Microsoft Subnet.
- About Hidden Microsoft
With more than ten years of experience in IT, Tyson Kopczynski has become a specialist in Active Directory, Information Assurance, Windows automation, PKI, and IT security practices. Tyson is also the founding author of the Windows PowerShell Unleashed series and has been a contributing author for such books as Microsoft Internet Security and Acceleration (ISA) Server 2006 Unleashed and Microsoft Windows Server 2008 R2 Unleashed. He has also written many detailed technical papers and guides covering various technologies. As a consultant at Convergent Computing, Tyson works with and provides feedback for next generation Microsoft technologies since their inception and has also played a key role in expanding the automation and security practices at CCO. Tyson also holds such certifications as the Certified Information Systems Security Professional (CISSP), the SANS Security Essentials Certification (GSEC) and SANS Certified Incident Handler (GCIH), and the MCTS (Application Platform, Active Directory, and Network Infrastructure).
Certifications:
- Certified Information Systems Security Professional (CISSP)
- SANS GIAC Security Essentials Certification (GSEC)
- SANS GIAC Certified Incident Handler (GCIH)
- MCTS (Application Platform, Active Directory, and Network Infrastructure)
- Microsoft Certified Systems Engineer (MCSE) Security
- CompTIA Security+
Publications:
- Windows PowerShell Unleashed (author)
- System Center Enterprise Suite Unleashed (author)
- Microsoft Windows Server 2008 Unleashed (contributing author)
- Microsoft Windows Server 2003 Unleashed (contributing author)
- Microsoft ISA Server 2006 Unleashed (contributing author)
- Microsoft ISA Server 2004 Unleashed (contributing author)
- Microsoft SharePoint 2007 Unleashed (contributing author)
- Microsoft SharePoint 2003 Unleashed (contributing author)
Other Stuff:
- Blogger NetworkWorld.com from June 2007
- GIAC Advisory Board from 2009
- Lecturer / Speaker (Information Technology or Security related)
- SANS Local Mentor (active in Japan)
- CompTIA Security+ SME (a long time ago)
- Judge, Imagine Cup 2005 Int'l IT Competition
- Judge, Imagine Cup 2007 Int'l IT Competition
Most Discussed Posts
- On The Web
-
Network World, Inc
The Connected Enterprise