In Windows XP, I'm going to add a new user with a simple password. It prompts that the password does not meet the password policy requirements. I've not set a policy!
Then I found that i should use gpedit.msc to change this policy. But it's disabled and I'm unable to change the default policy. I don't know how to change this policy.
Can you use Start -> Run -> secpol.msc, and then navigate to Account Policies and then Password Policy and change it there?
If not, then maybe you can do this by editing the registry directly using this:
Set strong password policy in Windows XP
Oh, I found it! The computer was joined to a domain. So I couldn't create a user with a simple password, even in the local Windows. I left the domain and the fields got changeable!
Microsoft is always weird.
Related
This question follows an audit on my AD where Windows servers with very old PasswordLastSet attributes have been discovered.
I'm familiar with using the Pwd-last-set attribute in order to check when an AD user has last changed his password. But what does this attribute mean when talking about a computer-type object like a laptop or a windows server ?
The Microsoft documentation states it is "The date and time that the password for this account was last changed". I don't think this means the local administrator of the computer, since I've clearly not changed mine at the date my Pwd-last-set attribute indicates.
Finally, if it isn't the local administrator nor my account, how can I set a new password that will refresh the attribute ?
EDIT
So the password is actually the Machine Account password used for communication between the computer/server and the DC
It's supposed to be renewed every 30 days on default Windows settings through the following registery key : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters
I still don't have a way to easily force the renew of this password but found some leads :
Put the MaximumPasswordAge in the registery to a low number and restart the machine
Use the "Reset Account" options when right-clicking the object in the active directory -> What are the consequences for a server ?
Use the Reset-ComputerMachinePassword Powershell command -> What are the consequences for a server ?
When I want to check in my registry for changing keys for bitlocker I don't seem to have this location:
HKLM\Software\Policies\Microsoft\FVE
The FVE map isn't there. So I also can't change these keys with PowerShell.
Its a local computer, not in a domain.
Anyone know how I can solve this?
You need to Edit local group policy. Located here:
Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Choose drive encryption method and cipher strength
You will also need to install the MBAM Client in order for that reg hive to appear.
Once you enable the GPO and install the MBAM Client you will be able to change what you want within the registry. However, local group policy works just fine in this case.
Is there any way of changing Wildfly's Management Realm's password through config files of some sort? I kinda lost my password (my LastPass add-on for Firefox is kinda messing up with me). If there is, how?
Passwords by default are stored in
$WILDFLY_HOME/standalone/configuration/mgmt-users.properties
but passwords are hashed.
Best thing you can do is to remove the user you want and then re-add it via add-user.sh/.bat script you can find in bin folder.
If you are using WildFly the add-user utility has the ability to replace existing passwords, just run it again for a user with the same username and it should give you the option to replace the password.
I need to disable the following group policy in Windows 7 programatically, for example by modifying a registry key using Powershell:
"Turn Off Automatic Root Certificates Update"
Does anybody know which registry key needs to be set or unset in order to make this work?
I had a similar issue when i was creating an application that communicated with a server over HTTPS using two-way SSL.
This was causing a delay of a full minute when the initial request was made
It ran in WinPE where hand clicking through the local group policy editor was not an option.
There also is no way I am aware of to register a root authority in this environment and it is running in an incredibly restricted environment so it can not access windows update (not that it would find our corporate CA there anyway).
The registry value you are looking for is
HKLM\Software\Policies\Microsoft\SystemCertificates\AuthRoot
DWORD DisableRootAutoUpdate = 1
Source: http://www.group-policy.com/ref/policy/452/Turn_off_Automatic_Root_Certificates_Update
To turn off Automatic Root Certificates Update via Local Group Policy Editor:
Click Start, and then click Run.
Type gpedit.msc, and then click OK.
If the User Account Control dialog box appears, confirm that the action it displays is what you want, and then click Continue.
Under computer configuration, Double-click Administrative Templates, double-click System, double-click Internet Communication Management, and then click Internet Communication settings.
Double-click Turn off Automatic Root Certificates Update, click Enabled, and then click OK.
Close the Local Group Policy Editor.
Domain policies override local settings. That's how they're supposed to work (they'd be rather useless otherwise). If you want the policy disabled, disable or remove the policy in Group Policy Management or remove the computer from the domain.
When I create a “development” glassfish (3.1) domain with netbeans (6.9) then no passwords are needed. Everything works magically.
Nice on the first glance. Until you actually need to know the admin user and password.
The normal combination admin / adminadmin does not actually work.
Also the normal master password changeit won't get me anywhere.
Does anybody knows which credentials netbeans uses when creating a glassfish domain?
Of course I tried to create a domain using asadmin. But then NetBeans does not like these domains all that much, i.e. NetBeans starts to ask for passwords, automatic start of domain does not work any more. Trouble without end.
Update 1:
I tried to use empty passwords as suggested but this does not work either:
Authentication failed for user: admin
with password from password file: …\Domain.properties
(Usually, this means invalid user name and/or password)
Command create-file-user failed.
Am I between the hard rock and the deep blue sea here? NetBeans created domains don't work with command-line and command-line created domains don't work with netbeans?
Well I figured it out myself (again - when will I finally get my self learner badge?)
The problem is that the admin user is:
--user anonymous
no where documented. I only found it in the config/admin-keyfile. The password then is indeed empty as vkraemer suggested:
AS_ADMIN_MASTERPASSWORD=
AS_ADMIN_PASSWORD=
Thanks for the help.
Most obvious answer missing? Netbeans - > Services - > Glassfish -> Properties -> Password show?
If you use NetBeans to create a development domain, it does not have a password. Sending one to the various commands will cause problems.
First, login to the Administration Console using admin/adminadmin and then change the password. After that, you will be able to connect from Netbeans. I did that with Netbeans 8.
Remove username, password in development environment.