Knowledge Base

The following PowerShell script contains a sample implementation of how Specops Password Policy and Breached Password Protection customers can automate sending an email to administrators containing the results of Password Policy Periodic Scanning, a list of any users found to have breached passwords, and a Password Auditor report PDF. Customers can set a script like...

Short answer: It depends Situation where it depends If you disable length-based password aging, the user(s) will then be subjected to the normal maximum password age. Situations where the user will not be forced to change their password: If the user sets their password based on this current policy, we see their sub-object has a...

Fine-Grained Password Policies are a way to assign different Microsoft password policies to different users, and they override the Default Domain Policy: Step 1 Create a security group that contains all desired users within Active Directory Users and Computers. Note that when you create this group it should be a Global group. If you create...

Specops Password Auditor Password Policy customers should download Password Auditor directly from Password Policy Domain Administration. Updates to Password Auditor can be downloaded from within the Password Auditor application — if an update is available, you will see a prompt to download it. Specops Password Policy https://specopssoft.com/support/password-policy/download/ h uReset You would do this directly through...

Specops Password Reset (SPR) and Specops Password Policy (SPP) take full advantage of Active Directory. SPR creates a classStore Object called specops-spp-passwordreset. SPP creates a classstore Object called specops-spp-passwordhistory. Both of these objects can prevent migration tools, such as Active Directory Migration Tool (ADMT), from successfully migrating the user object. Note: The latest version of...

The configuration is stored in Group Policy and Active Directory, so there is nothing needed to back up before walking through the upgrade process. How do I upgrade password policy steps are as below: 1.Navigate to https://specopssoft.com/support/en/password-policy/download.htm and download the file. 2. Save and Run the Setup Assistant locally to a machine where you administer...

*This article is for 7.14 and higher* Often questions arise regarding Specops and password expiration. Below are the steps that can be followed to verify if Specops caused a password to expire. Checking the Periodic Scanning tab This tab provides counts of users affected by Specops Password Policy, along with license information, password expiration, users...

The Specops Arbiter service uses a self-signed certificate to encrypt communications from domain controllers to query the Specops API. If this certificate is expired or inadvertently deleted, the Arbiter server may not be able to start. Identify the Certificate Currently In Use The Arbiter uses the certificate identified by the thumbprint stored in the registry:...

This article applies to uReset when used in a multi-domain environment. When using uReset and Password Policy in multiple trusted domains/forests, you may find that users accessing uReset from domains other than the Gatekeeper domain do not see the Password Policy rules when setting their new password. When this occurs, you will find event ID...

*This article applies to version 7.10 and later* Please note this article applies to the latest version of Password Policy. When viewing Password Policy license usage in Password Policy Domain Administration, admins may encounter the following error: As the error indicates, the Sentinel on the domain controller holding the PDC Emulator role is responsible for...