Test Scenario - Password Validation

Password Validation

When this setting is Not Configured or Enabled, Password Validation settings and Password Strength indicator settings apply.  The Password Validation rules in the software enforce stricter policy than Microsoft Default Domain Policy.                        

When the setting is disabled, only Microsoft Default Domain Policy settings ( for Password Policy ) apply.  The Password Strength indicator will also be removed.

 

Overview

Password Validation settings provide security settings above and beyond Microsoft standard settings. You may Enable Dictionary Validation setting to filter out approximately 65,000 common password strings. You may also specify your own custom Dictionary file. The policy can be configured to allow Weak, Good or Strong password strings. The password strength indicator displays the password strength that must be met for the new password to be accepted..

When this setting is Disabled, the software will not apply password validation rules that are stronger than Microsoft standard rules.  The Password Strength indicator will also be removed.

 

Purpose

This article provides instructions on testing the SYNERGIX AD Client Extensions software.  Password Validation feature is configured using the Administrative Template.  After installing the Administrative Template file, the policy setting can be found under COMPUTER CONFIGURATION \ Policies \ Administrative Templates \ SYNERGIX AD Client Extensions \ Security Settings\Password Validation. The Explain tab of the Group Policy setting provides online instructions on configuring the feature. 

 

Prerequisites

  • Supported Microsoft Windows Operating System
  • Microsoft Windows XP 
  • Microsoft Windows 7.0 
  • Microsoft Windows 8.0 or 8.1
  • .NET Framework 4.0
  • Active Domain Membership in Microsoft Active Directory domain
  • Microsoft Outlook or other EMail client 
  • EMail client is required to submit log files to support@synergix.com or x@mail.asana.com
  • SYNERGIX AD Client Extensions 2014

 

Active Directory Domain Environment

  • Single Active Directory Domain environment i.e. Single Forest with Forest Root Domain only example. F10.LOCAL
  • You can setup a more complex Active Directory Domain environment, if needed.  For example, one forest F10.LOCAL with child domains D10.F10.LOCAL, D11.F10.LOCAL and D12.F10.LOCAL and a trusted forest F20.LOCAL with child domains D20.F20.LOCAL, D21.F20.LOCAL and D22.F20.LOCAL
  • Security Group(s)

                  * Not required for this feature

  • Delegate Control

                   * Not required for this feature

 

Configure domain Group Policy Object

Copy SYNERGIX AD Client Extensions Administrative Template file  SYNERGIX-ADCE.ADMX to %SystemRoot%\PolicyDefinitions on admin workstation (must be Windows 7.0 or higher version) 

Copy SYNERGIX AD Client Extensions Administrative Template Language file SYNERGIX-ADCE.ADML to %SystemRoot%\PolicyDefinitions\en-US on same admin workstation ( must be Windows 7.0 or higher version ) 

Configuring Password Validation Policy Setting ...

  • Using GPMC.MSC, edit existing or new Group Policy Object
  • Expand COMPUTER CONFIGURATION
  • Expand Policies
  • Expand Administrative Templates
  • Expand SYNERGIX AD Client Extensions
  • Expand Security Settings
  • Double Click on “Password Validation” and Enable it.
  • Select the check box for validation

Enable Complexity Validation

Enable Dictionary Validation

Enable Active Directory Attribute Validation

Enable Custom Dictionary

You can specify your own Custom Dictionary. Specify the path, example \\serverFQDN\custom_val.doc

  • Configure other settings as required

Override Default AD Attributes used for validation

Include Attribute CN

Include Attribute Display Name

Include Attribute Given Name

Include Attribute Location

Include Attribute Name

Include Attribute SN

Override Default Complexity Values

Password Strength indicator using the Complexity Multiplier text boxes.

  • Click on OK to apply the settings.

 

More Information

 

Procedure

  • Log into a domain computer with the domain account (your admin account) that has local administrative privileges on the workstation.
  • Ensure the SYNERGIX AD Client Extensions specific Group Policy settings were applied
  • Launch RSOP.MSC or run GPRESULT.EXE /v to confirm
  • Install SYNERGIX AD Client Extensions software
  • After the software is successfully installed, launch change password dialog box and change your password based on validation you have set on the feature. 

 

 Test Results

  • Pass or
  • Fail

 

Test Result Submission

  1. Complete the Test Environment worksheet
  2. Upload test results document file to software test repository
  3. Upload log files*
  4. ServiceLogfile.txt
  5. ClientLogfile.txt
  6. Output generated by GPRESULT /H %computername%.html command

Note: You must use ADCE \ Help \ Submit Application Log Files button to submit the log files to Synergix Support

 

References:

N/A

Have more questions? Submit a request

0 Comments

Please sign in to leave a comment.
Powered by Zendesk