我想允许当前用户更改密码(通过事件目录管理)。
我想验证并在 Active Directory 中设置他们的密码(当前使用 SetPassword invoke method )。
我的问题是验证密码,使其满足复杂性要求:
Not contain the user's account name or parts of the user's full name that exceed two consecutive characters Be at least six characters in length Contain characters from three of the following four categories: English uppercase characters (A through Z) English lowercase characters (a through z) Base 10 digits (0 through 9) Non-alphabetic characters (for example, !, $, #, %) Complexity requirements are enforced when passwords are changed or created.
我已经在使用带有两个文本框的 CompareValidator
,因此我正在考虑添加 RegularExpressionValidator
( source 1 、 source 2 ),但我不确定如何让它与整个“四类中的三类”一起工作:
RegularExpressionValidator revComplex = new RegularExpressionValidator();
revComplex.ControlToValidate = _txtPassword1.ID;
revComplex.ErrorMessage = "Password must have at least 7 characters. Characters should be from at least three of the following four groups: uppercase letter, lowercase letter, digit, or special characters (for example, !, $, #, %).";
revComplex.ValidationExpression = @"^(?=.{7,})(?=.*[a-z])(?=.*[0-9])(?=.*[A-Z])(?!.*s).*$";
肯定有人尝试过这样做吗?在根据本地安全策略将用户密码发送到 Active Directory 之前,我应该如何验证用户密码?
最佳答案
恕我直言,您可以更好地使用 ChangePassword 而不是 SetPassword。这样,您就需要用户指定其当前(旧)密码。这可能很有趣,因为您永远无法 100% 确定正在浏览您网站的用户实际上是登录的用户。
以下是包含更多信息的链接: http://www.primaryobjects.com/CMS/Article66.aspx
您不必提前验证密码。只需在 try-catch 中将其发送到 AD,如果未通过验证,原因将在异常消息中。
关于c# - 根据本地安全策略验证新的 AD 密码?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/5060251/