| Server IP : 123.56.80.60 / Your IP : 216.73.216.78 Web Server : Apache/2.4.54 (Win32) OpenSSL/1.1.1s PHP/7.4.33 mod_fcgid/2.3.10-dev System : Windows NT iZhx3sob14hnz7Z 10.0 build 14393 (Windows Server 2016) i586 User : SYSTEM ( 0) PHP Version : 7.4.33 Disable Function : NONE MySQL : OFF | cURL : ON | WGET : OFF | Perl : OFF | Python : OFF | Sudo : OFF | Pkexec : OFF Directory : C:/Program Files/python/Lib/site-packages/win32/Demos/ |
Upload File : |
"""A demo of using win32net.NetValidatePasswordPolicy.
Example usage:
% NetValidatePasswordPolicy.py --password=foo change
which might return:
> Result of 'change' validation is 0: The operation completed successfully.
or depending on the policy:
> Result of 'change' validation is 2245: The password does not meet the
> password policy requirements. Check the minimum password length,
> password complexity and password history requirements.
Adding --user doesn't seem to change the output (even the PasswordLastSet seen
when '-f' is used doesn't depend on the username), but theoretically it will
also check the password history for the specified user.
% NetValidatePasswordPolicy.py auth
which always (with and without '-m') seems to return:
> Result of 'auth' validation is 2701: Password must change at next logon
"""
import sys
import win32api
import win32net, win32netcon
import optparse
from pprint import pprint
def main():
parser = optparse.OptionParser("%prog [options] auth|change ...",
description="A win32net.NetValidatePasswordPolicy demo.")
parser.add_option("-u", "--username",
action="store",
help="The username to pass to the function (only for the "
"change command")
parser.add_option("-p", "--password",
action="store",
help="The clear-text password to pass to the function "
"(only for the 'change' command)")
parser.add_option("-m", "--password-matched",
action="store_false", default=True,
help="Used to specify the password does NOT match (ie, "
"uses False for the PasswordMatch/PasswordMatched "
"arg, both 'auth' and 'change' commands)")
parser.add_option("-s", "--server",
action="store",
help="The name of the server to execute the command on")
parser.add_option("-f", "--show_fields",
action="store_true", default=False,
help="Print the NET_VALIDATE_PERSISTED_FIELDS returned")
options, args = parser.parse_args()
if not args:
args = ["auth"]
for arg in args:
if arg == "auth":
input = {"PasswordMatched": options.password_matched,
}
val_type = win32netcon.NetValidateAuthentication
elif arg == "change":
input = {"ClearPassword": options.password,
"PasswordMatch": options.password_matched,
"UserAccountName": options.username,
}
val_type = win32netcon.NetValidatePasswordChange
else:
parser.error("Invalid arg - must be 'auth' or 'change'")
try:
fields, status = win32net.NetValidatePasswordPolicy(options.server,
None, val_type, input)
except NotImplementedError:
print("NetValidatePasswordPolicy not implemented on this platform.")
return 1
except win32net.error as exc:
print("NetValidatePasswordPolicy failed: ", exc)
return 1
if options.show_fields:
print("NET_VALIDATE_PERSISTED_FIELDS fields:")
pprint(fields)
print("Result of %r validation is %d: %s" % \
(arg, status, win32api.FormatMessage(status).strip()))
return 0
if __name__=='__main__':
sys.exit(main())