March 6, 2014 at 11:48 am
Hi
I would like to enforce password policy for non-AD accounts.
when I select enfocre password policy on SQL server it will enforce default policy (minimum 8 char with alphanumeric).
As per the new security policy, I need to enforce it to minimum 16 char for non-AD accounts. Is there any way that we can create new policy on SQL server Policy Management.?
Thanks,
Murali
March 6, 2014 at 2:43 pm
Windows Logins abide by the login policies of the underlying Operating System. In SQL Server 2005 and later, SQL Server logins can also adhere to the windows login policies if the operating system version is Windows Server 2003 and later.
Check this
http://support.microsoft.com/kb/2028712
http://technet.microsoft.com/en-us/library/cc875814.aspx -- Check pt 12
--
SQLBuddy
March 7, 2014 at 5:21 am
@Murali (3/6/2014)
HiI would like to enforce password policy for non-AD accounts.
when I select enfocre password policy on SQL server it will enforce default policy (minimum 8 char with alphanumeric).
As per the new security policy, I need to enforce it to minimum 16 char for non-AD accounts. Is there any way that we can create new policy on SQL server Policy Management.?
Thanks,
Murali
Enabling the "enforce password policy" for a SQL account does indeed pick up from the local OS policy. If the server is not on a domain the local policy will apply. For Active Directory joined servers, the password policy is set at the lowest point at domain level, which propogates to machine level. Changing the domain policy means changing for all users in the domain, something which you may or may not want to do. Speak to your domain admins
-----------------------------------------------------------------------------------------------------------
"Ya can't make an omelette without breaking just a few eggs" 😉
March 7, 2014 at 7:02 am
Thank You very much for your reply Perry and SQLBuddy
Yes, this SQL server is in active directory group. I don’t want to change password policy on domain.
Here is my situation, all domain accounts are already enforced with password policy(8 Char alphanumeric, and changing every 90 days) . Management is discouraging local accounts usage on SQL servers so they want to implement a new policy for non –AD accounts with 16char.
Can we have a local policy on SQL servers only for specific accounts (non-AD accounts).? Is it possible in SQL server (2008 R2)..?
Thanks,
Murali
Viewing 4 posts - 1 through 3 (of 3 total)
You must be logged in to reply to this topic. Login to reply