The Puppet Labs Issue Tracker has Moved: https://tickets.puppetlabs.com

This issue tracker is now in read-only archive mode and automatic ticket export has been disabled. Redmine users will need to create a new JIRA account to file tickets using https://tickets.puppetlabs.com. See the following page for information on filing tickets with JIRA:

Bug #9833

Improve password validation on Windows

Added by Josh Cooper almost 4 years ago. Updated about 2 years ago.

Status:AcceptedStart date:09/30/2011
Priority:NormalDue date:
Assignee:-% Done:

0%

Category:windows
Target version:-
Affected Puppet version:2.7.6 Branch:
Keywords:windows user password

We've Moved!

Ticket tracking is now hosted in JIRA: https://tickets.puppetlabs.com


Description

The user type does not allow ‘:’ to be in a user’s password, because it’s assuming the password format is a cryptographic hash. But that is a valid value for Windows passwords (since those are in cleartext). Ideally we should move the validation to the providers and for Windows, use the NetValidatePasswordPolicy function to validate the password, which takes into account any password complexity, length, etc requirements.


Related issues

Related to Puppet - Feature #8268: Basic Puppet agent support on Windows Closed 03/18/2011
Related to Puppet - Feature #13026: Manage user passwords on Windows without passing clear-te... Investigating 03/08/2012

History

#1 Updated by James Turnbull almost 4 years ago

  • Status changed from Unreviewed to Accepted

#2 Updated by James Turnbull almost 4 years ago

  • Affected Puppet version set to 2.7.6

#3 Updated by Josh Cooper over 3 years ago

  • Keywords set to windows user password

#4 Updated by Chris Barker about 2 years ago

If we could validate the password being provided by puppet this would allow for us to warn users that their password wont meet complexity standards even in noop mode, which could warn users of a possible issue applying this change when it gets rolled into production.

Also available in: Atom PDF