Overview#

MsDS-PasswordComplexityEnabled is a Microsoft Active Directory Password Policy AttributeType Type Boolean (default True) determines if passwords MUST contain characters from at least three of the following four character groups:

• UPPERCASE characters
• Lowercase characters
• numeric characters
• or special characters.

When the user changes the password, a password in this list cannot be reused.

MsDS-PasswordComplexityEnabled is used to enhance Password Quality

LDAP Attribute Definition#

The MsDS-PasswordComplexityEnabled AttributeTypes is defined as:

• OID of 1.2.840.113556.1.4.2015
• NAME: MsDS-PasswordComplexityEnabled
• DESC:
• EQUALITY:
• ORDERING:
• SYNTAX: 1.3.6.1.4.1.1466.115.121.1.7 (Boolean)
• SINGLE-VALUE
• NO-USER-MODIFICATION (only if present)
• USAGE: UserApplications
• Used as MUST in:
  • MsDS-PasswordSettings
• Used MAY in:

More Information#

There might be more information for this subject on one of the following:

• 1.2.840.113556.1.4.2015
• MsDS-PasswordSettings