在Windows本地安全策略中,存在复杂性要求。我希望能够在批处理文件中启用它,以启用其他密码,如长度,年龄等。
::this will change the minimum length of the password
net accounts /minpwlen:8
::this will change the maximum age of the password
net accounts /maxpwage:30
::this will change the minimum age of the password
net accounts /minpwage:5
::this will change the number of passwords stored
net accounts /uniquepw:5
以上是我想要的大部分内容,但我无法弄清楚如何在批处理中实现复杂性。提前致谢。如果你有任何其他想法如何做到这一点,我是开放的。
答案 0 :(得分:0)
我有过类似的情况,我做的是:
setlocal EnableDelayedExpansion
SecEdit.exe /export /cfg "%temp%\sec-template.cfg" >nul 2>&1
set names=MaximumPasswordAge MinimumPasswordLength PasswordComplexity PasswordHistorySize
set values[MaximumPasswordAge]=90
set values[MinimumPasswordLength]=6
set values[PasswordComplexity]=1
set values[PasswordHistorySize]=10
for /F "delims== tokens=1,*" %%X in ('type "%temp%\sec-template.cfg"') do (
call :trim "%%X"
set cur_name=!result!
for %%I in (%names%) do (
if "!cur_name!" equ "%%I" (
set value== !values[%%I]!
)
)
if not defined value if "%%Y" neq "" (
call :trim "%%Y"
set value== !result!
)
echo !cur_name! !value! >> "%temp%\sec-template2.cfg"
set value=
)
SecEdit.exe /configure /db secedit.sdb /cfg "%temp%\sec-template2.cfg" >nul 2>&1
del /q "%temp%\sec-template2*.cfg" >nul 2>&1
if exist "%~dp0secedit.sdb" del "%~dp0secedit.sdb" >nul 2>&1
goto :eof
:trim
set result=%~1
set "f=!result:~0,1!" & set "l=!result:~-1!"
if "!f!" neq " " if "!l!" neq " " goto :eof
if "!f!" equ " " set result=!result:~1!
if "!l!" equ " " set result=!result:~0,-1!
call :trim "!result!"
goto :eof
希望它有所帮助。