Set the local password policy for windows
Ratings
Release Time
06/04/2018
Downloads
1348 times
Update Time
06/06/2025
Views
1353 times
Share-it:
Categories
Action
Published on:
7 years ago
Hi,
This script will set the local password policy for windows such as Password Length , Unique Password History, Minimum & Maximum no. days for Password Expiry and Password Complexity.
Edit Parameters:
Password_History='5' #Provide the no. of unique passwords to remember
Minimum_Password_Age='4' #Provide the minimum no. of days for password expiry
Maximum_Password_Age='10'#Provide the maximum no. of days for password expiry
Minimum_Password_Length='3'#Provide the minimum length of password
Password_Meet_Complexity='1'#Provide the password meet complexity to be enabled(1) or disabled(0)
Run as System User
Procedure's Instructions
102
1
#To define a particular parameter, replace the 'parameterName' inside itsm.getParameter('parameterName') with that parameter's name2
Password_History='5' #Provide the no. of passwords to remember3
Minimum_Password_Age='4' #Provide the minimum no. of days for password expiry4
Maximum_Password_Age='10'#Provide the maximum no. of days for password expiry5
Minimum_Password_Length='3'#Provide the minimum length of password6
Password_Meet_Complexity='1'#Provide the password meet complexity to be enabled(1) or disabled(0)7
8
import os9
10
pass_hist=os.popen('net accounts /uniquepw:'+Password_History).read()11
print pass_hist12
print 'No. of Unique Passwords to remember is %s '%Password_History13
14
pwd_exp_min=os.popen('net accounts /minpwage:'+Minimum_Password_Age).read()15
print pwd_exp_min16
print 'Minimum no. of days for Password Expiry is %s days'%Minimum_Password_Age17
18
pwd_exp_max=os.popen('net accounts /maxpwage:'+Maximum_Password_Age).read()19
print pwd_exp_max20
print 'Maximum no. of days for Password Expiry is %s days'%Maximum_Password_Age21
22
min_pwd=os.popen('net accounts /minpwlen:'+Minimum_Password_Length).read()23
print min_pwd24
print 'Minimum Password Characters are %s'%Minimum_Password_Length25
26
complexity=r'''27
setlocal EnableDelayedExpansion28
29
SecEdit.exe /export /cfg "%temp%\sec-template.cfg" >nul 2>&130
31
set names= PasswordComplexity 32
33
set values[PasswordComplexity]=134
35
for /F "delims== tokens=1,*" %%X in ('type "%temp%\sec-template.cfg"') do (36
call :trim "%%X"37
set cur_name=!result!38
for %%I in (%names%) do (39
if "!cur_name!" equ "%%I" (40
set value== !values[%%I]! 41
)42
)43
44
if not defined value if "%%Y" neq "" (45
call :trim "%%Y"46
set value== !result! 47
)48
49
echo !cur_name! !value! >> "%temp%\sec-template2.cfg"50
set value=51
)52
53
SecEdit.exe /configure /db secedit.sdb /cfg "%temp%\sec-template2.cfg" >nul 2>&154
55
del /q "%temp%\sec-template2*.cfg" >nul 2>&156
57
if exist "%~dp0secedit.sdb" del "%~dp0secedit.sdb" >nul 2>&158
59
goto :eof60
61
:trim 62
set result=%~163
64
set "f=!result:~0,1!" & set "l=!result:~-1!"65
66
if "!f!" neq " " if "!l!" neq " " goto :eof67
if "!f!" equ " " set result=!result:~1!68
if "!l!" equ " " set result=!result:~0,-1!69
70
call :trim "!result!"71
goto :eof72
'''73
74
import subprocess75
import ctypes76
77
class disable_file_system_redirection:78
_disable = ctypes.windll.kernel32.Wow64DisableWow64FsRedirection79
_revert = ctypes.windll.kernel32.Wow64RevertWow64FsRedirection80
def __enter__(self):81
self.old_value = ctypes.c_long()82
self.success = self._disable(ctypes.byref(self.old_value))83
def __exit__(self, type, value, traceback):84
if self.success:85
self._revert(self.old_value)86
87
path=os.environ['programdata']+"\Sample.bat"88
with open(path,"w") as f:89
f.write(complexity)90
91
with disable_file_system_redirection():92
process = subprocess.Popen([path],stdout=subprocess.PIPE)93
stdout = process.communicate()[0]94
print "---------------------------"95
print "Password Complexity Achieved.."96
97
if os.path.exists(path):98
try:99
os.remove(path)100
except:101
pass102
Leave a Comment
CONTACT US
Call now! 
(972) 649-9012
(972) 649-9012
---
Comments