Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations wOOdy-Soft on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Validation rules user & password 1

Status
Not open for further replies.
DevilDoAll

DevilDoAll

MIS
Jan 27, 2003
54
BE
Hi,

I'm looking for a document that describes the validation rules ( length, which characters not to use, ... ) for user and password in the W2K Active Directory.

Thanks.

Bart

Visit us at :
 
Sort by date Sort by votes
Make note of the following sometimes obscure naming rules:

If your computer does not have TCP/IP networking installed, or it has other networking protocols installed (without TCP/IP), the computer name must be in uppercase 15 or fewer bytes long (depending on which characters are used and the language set as the Language for non-Unicode programs in Regional and Language Options in Control Panel).

If your computer has TCP/IP networking installed, the computer name can be up to 63 bytes long (depending on which characters are used and the language set as the Language for non-Unicode programs in Regional and Language Options in Control Panel) but should only contain the numbers 0-9, the letters A-Z and a-z, and hyphens. You can use other characters, but doing so might prevent other users from finding your computer on the network. If your network is using a Microsoft DNS server, you can use any characters except periods.

Microsoft recommends using computer names that are shorter than 16 bytes. If you want to specify a computer name that is longer than 15 bytes and you want to join your computer to a domain that includes Windows 2000 domain controllers, the domain administrator should enable longer names in the computer account of the Active Directory domain.

If you rename your computer or workgroup when it is disconnected from the network, duplicate computer names might result. Check with your network administrator before renaming your computer.

 
Upvote 0 Downvote
Thanks for the quick answer.


These are recommendations, but are not mandatory.

What I'm lookin for is what the Microsoft requirements are : how long can a username be, is there also a minimum length, which characters ca be used and which are not allowed, ...
Same for password.

eg. : can I create a user called 'Mari3-Madel3in3[[_Van Pimperzele_]]DuLacBleu_\\//OnAMistyMorning' with password 'ThisIsMy125[@]Passµ\\\Word1f1don""tF0rget9**/It' ?


Bart

Visit us at :
 
Upvote 0 Downvote
Bill,

Thanks, but your answer concerns the computer name.
I'm looking for exactly that answer, but then for user- and password names in de Windows Active Directory.


Bart

Visit us at :
 
Upvote 0 Downvote
Computer Names:
• The computer name must be in uppercase 15 or fewer bytes long (depending on which characters are used and the language set as the Language for non-Unicode programs in Regional and Language Options in Control Panel). If your network is using a Microsoft DNS server, you can use any characters except periods.

• If your computer has TCP/IP networking installed, the computer name can be up to 63 bytes long (depending on which characters are used and the language set as the Language for non-Unicode programs in Regional and Language Options in Control Panel) but should only contain the numbers 0-9, the letters A-Z and a-z, and hyphens. You can use other characters, but doing so might prevent other users from finding your computer on the network.


Usernames:
• You can use up to 20 uppercase or lowercase characters to specify the name of the account, or up to 15+1+20 characters to specify a fully qualified domain user name of the form: domain\username. These forms are distinguished by the absence or presence of exactly one backslash (\) character.

• The following characters are prohibited: / \ [ ] : ; | = , + " * ? < >

• Also, a domain name cannot contain any spaces or start with a period. A user name cannot consist solely of periods and/or spaces.


Passwords:
As password complexity is the default in a Domain:

• Passwords must be at least six characters long.

• Passwords may not contain your SAM account name when it is three or more characters in length or any full "token" in your display name that is also three or more characters in length. For example: If your SAM account name is etiennej and your display name is Jacques, Etienne P., there will be three blocked "tokens": etiennej, Jacques and Etienne. The middle initial is less than three characters and is therefore not considered a "token". Subsets like etiennej1 and Jacque12$ will not be blocked.

• Passwords must contain characters from at least three of the following four classes:Description Examples
English upper case letters A, B, C, ... Z
English lower case letters a, b, c, ... z
Westernized Arabic numerals 0, 1, 2, ... 9
Non-alphanumeric ("special characters") Punctuation marks and other symbols. If your network is using a Microsoft DNS server, you can use any characters except periods.

• These requirements are hard-coded in the Passfilt.dll file and cannot be changed through the user interface or registry. If you want to change these requirements, you must write your own .dll and implement it.



 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Andrzejek
  • Locked
  • Question
How to Disable Google Chrome Password Manager 2
Replies
3
Views
1K
combo
combo
DTGMI
  • Locked
  • Question
WIN 10 Pro PC &amp; Adding back to our Network
Replies
1
Views
872
pjw001
pjw001
VicM
  • Locked
  • Question
Change name not showing in user account 1
Replies
13
Views
1K
guitarzan
guitarzan
pjw001
  • Locked
  • Question
Windows 10 Password Problem
Replies
4
Views
213
LukeyLuke
LukeyLuke
DTGMI
  • Locked
  • Question
Windows 1- &amp; Chrome Password Import
Replies
0
Views
138
DTGMI
DTGMI

Part and Inventory Search

Sponsor

Back
Top