DOMAIN_PASSWORD_INFORMATION structure

The DOMAIN_PASSWORD_INFORMATION structure contains information about a domain's password policy, such as the minimum length for passwords and how unique passwords must be.

It is used in the MSV1_0_CHANGEPASSWORD_RESPONSE structure.

Syntax

typedef struct _DOMAIN_PASSWORD_INFORMATION {
  USHORT            MinPasswordLength;
  USHORT            PasswordHistoryLength;
  ULONG             PasswordProperties;
#if ...
  OLD_LARGE_INTEGER MaxPasswordAge;
#if ...
  OLD_LARGE_INTEGER MinPasswordAge;
#else
  LARGE_INTEGER     MaxPasswordAge;
#endif
#else
  LARGE_INTEGER     MinPasswordAge;
#endif
} DOMAIN_PASSWORD_INFORMATION, *PDOMAIN_PASSWORD_INFORMATION;

Members

MinPasswordLength

Specifies the minimum length, in characters, of a valid password.

PasswordHistoryLength

Indicates the number of previous passwords saved in the history list. A user cannot reuse a password in the history list.

PasswordProperties

Flags that describe the password properties. They can be one or more of the following values.

Value Meaning
DOMAIN_PASSWORD_COMPLEX
0x00000001L
The password must have a mix of at least two of the following types of characters:
  • Uppercase characters
  • Lowercase characters
  • Numerals
DOMAIN_PASSWORD_NO_ANON_CHANGE
0x00000002L
The password cannot be changed without logging on. Otherwise, if your password has expired, you can change your password and then log on.
DOMAIN_PASSWORD_NO_CLEAR_CHANGE
0x00000004L
Forces the client to use a protocol that does not allow the domain controller to get the plaintext password.
DOMAIN_LOCKOUT_ADMINS
0x00000008L
Allows the built-in administrator account to be locked out from network logons.
DOMAIN_PASSWORD_STORE_CLEARTEXT
0x00000010L
The directory service is storing a plaintext password for all users instead of a hash function of the password.
DOMAIN_REFUSE_PASSWORD_CHANGE
0x00000020L
Removes the requirement that the machine account password be automatically changed every week.

This value should not be used as it can weaken security.

MaxPasswordAge.#530740382

MinPasswordAge.#131590436

MaxPasswordAge.#2550346689

MinPasswordAge.#188491468

Requirements

   
Minimum supported client Windows XP [desktop apps only]
Minimum supported server Windows Server 2003 [desktop apps only]
Header ntsecapi.h