SQL Clone
SQLServerCentral is supported by Redgate
 
Log in  ::  Register  ::  Not logged in
 
 
 


Increase password charecter lenght to 16 chars for only non AD accounts


Increase password charecter lenght to 16 chars for only non AD accounts

Author
Message
@Murali
@Murali
Forum Newbie
Forum Newbie (4 reputation)Forum Newbie (4 reputation)Forum Newbie (4 reputation)Forum Newbie (4 reputation)Forum Newbie (4 reputation)Forum Newbie (4 reputation)Forum Newbie (4 reputation)Forum Newbie (4 reputation)

Group: General Forum Members
Points: 4 Visits: 420
Hi

I would like to enforce password policy for non-AD accounts.

when I select enfocre password policy on SQL server it will enforce default policy (minimum 8 char with alphanumeric).

As per the new security policy, I need to enforce it to minimum 16 char for non-AD accounts. Is there any way that we can create new policy on SQL server Policy Management.?


Thanks,
Murali
sqlbuddy123
sqlbuddy123
SSCrazy
SSCrazy (2.4K reputation)SSCrazy (2.4K reputation)SSCrazy (2.4K reputation)SSCrazy (2.4K reputation)SSCrazy (2.4K reputation)SSCrazy (2.4K reputation)SSCrazy (2.4K reputation)SSCrazy (2.4K reputation)

Group: General Forum Members
Points: 2392 Visits: 2243
Windows Logins abide by the login policies of the underlying Operating System. In SQL Server 2005 and later, SQL Server logins can also adhere to the windows login policies if the operating system version is Windows Server 2003 and later.

Check this

http://support.microsoft.com/kb/2028712

http://technet.microsoft.com/en-us/library/cc875814.aspx -- Check pt 12

--
SQLBuddy
Perry Whittle
Perry Whittle
SSC-Insane
SSC-Insane (20K reputation)SSC-Insane (20K reputation)SSC-Insane (20K reputation)SSC-Insane (20K reputation)SSC-Insane (20K reputation)SSC-Insane (20K reputation)SSC-Insane (20K reputation)SSC-Insane (20K reputation)

Group: General Forum Members
Points: 20124 Visits: 17244
@Murali (3/6/2014)

Hi

I would like to enforce password policy for non-AD accounts.

when I select enfocre password policy on SQL server it will enforce default policy (minimum 8 char with alphanumeric).

As per the new security policy, I need to enforce it to minimum 16 char for non-AD accounts. Is there any way that we can create new policy on SQL server Policy Management.?


Thanks,
Murali

Enabling the "enforce password policy" for a SQL account does indeed pick up from the local OS policy. If the server is not on a domain the local policy will apply. For Active Directory joined servers, the password policy is set at the lowest point at domain level, which propogates to machine level. Changing the domain policy means changing for all users in the domain, something which you may or may not want to do. Speak to your domain admins

-----------------------------------------------------------------------------------------------------------

"Ya can't make an omelette without breaking just a few eggs" ;-)
@Murali
@Murali
Forum Newbie
Forum Newbie (4 reputation)Forum Newbie (4 reputation)Forum Newbie (4 reputation)Forum Newbie (4 reputation)Forum Newbie (4 reputation)Forum Newbie (4 reputation)Forum Newbie (4 reputation)Forum Newbie (4 reputation)

Group: General Forum Members
Points: 4 Visits: 420
Thank You very much for your reply Perry and SQLBuddy

Yes, this SQL server is in active directory group. I don’t want to change password policy on domain.
Here is my situation, all domain accounts are already enforced with password policy(8 Char alphanumeric, and changing every 90 days) . Management is discouraging local accounts usage on SQL servers so they want to implement a new policy for non –AD accounts with 16char.

Can we have a local policy on SQL servers only for specific accounts (non-AD accounts).? Is it possible in SQL server (2008 R2)..?

Thanks,
Murali
Go


Permissions

You can't post new topics.
You can't post topic replies.
You can't post new polls.
You can't post replies to polls.
You can't edit your own topics.
You can't delete your own topics.
You can't edit other topics.
You can't delete other topics.
You can't edit your own posts.
You can't edit other posts.
You can't delete your own posts.
You can't delete other posts.
You can't post events.
You can't edit your own events.
You can't edit other events.
You can't delete your own events.
You can't delete other events.
You can't send private messages.
You can't send emails.
You can read topics.
You can't vote in polls.
You can't upload attachments.
You can download attachments.
You can't post HTML code.
You can't edit HTML code.
You can't post IFCode.
You can't post JavaScript.
You can post emoticons.
You can't post or upload images.

Select a forum

































































































































































SQLServerCentral


Search