【问题标题】:How do I enable password complexity in batch如何批量启用密码复杂性
【发布时间】:2018-04-30 08:54:27
【问题描述】:
在 Windows 本地安全策略中存在复杂性要求。我希望能够在批处理文件中启用它,以启用其他密码内容,如长度、年龄等。
::this will change the minimum length of the password
net accounts /minpwlen:8
::this will change the maximum age of the password
net accounts /maxpwage:30
::this will change the minimum age of the password
net accounts /minpwage:5
::this will change the number of passwords stored
net accounts /uniquepw:5
以上是我想要的大部分内容,但我不知道如何批量启用复杂性。提前致谢。另外,如果您有任何其他想法如何做到这一点,我很开放。
【问题讨论】:
标签:
windows
security
batch-file
command-line
batch-processing
【解决方案1】:
我曾经遇到过类似的情况,我的做法是:
setlocal EnableDelayedExpansion
SecEdit.exe /export /cfg "%temp%\sec-template.cfg" >nul 2>&1
set names=MaximumPasswordAge MinimumPasswordLength PasswordComplexity PasswordHistorySize
set values[MaximumPasswordAge]=90
set values[MinimumPasswordLength]=6
set values[PasswordComplexity]=1
set values[PasswordHistorySize]=10
for /F "delims== tokens=1,*" %%X in ('type "%temp%\sec-template.cfg"') do (
call :trim "%%X"
set cur_name=!result!
for %%I in (%names%) do (
if "!cur_name!" equ "%%I" (
set value== !values[%%I]!
)
)
if not defined value if "%%Y" neq "" (
call :trim "%%Y"
set value== !result!
)
echo !cur_name! !value! >> "%temp%\sec-template2.cfg"
set value=
)
SecEdit.exe /configure /db secedit.sdb /cfg "%temp%\sec-template2.cfg" >nul 2>&1
del /q "%temp%\sec-template2*.cfg" >nul 2>&1
if exist "%~dp0secedit.sdb" del "%~dp0secedit.sdb" >nul 2>&1
goto :eof
:trim
set result=%~1
set "f=!result:~0,1!" & set "l=!result:~-1!"
if "!f!" neq " " if "!l!" neq " " goto :eof
if "!f!" equ " " set result=!result:~1!
if "!l!" equ " " set result=!result:~0,-1!
call :trim "!result!"
goto :eof
希望对你有帮助。