Forum Discussion
Vulnerability Management - Baselines assessment
We are currently evaluating Vulnerability Management to report on our CIS 2.0 compliance. In a Domain Controller profile the Password Policy checks appear to be incorrect. For example: 1.1.5 ...
Yes I do, but they have all checked "Password must meet complexity requirements".
Additionally we have "Entra Password Protection" installed. I wonder if that confuses it.
If it does not know the solution, and just sees there is a Passfilt.dll installed... 🤷:male_sign:
Anyways, it is just an additional complexity requirement, so ought to be even better than default Windows complexity.
Additionally we have "Entra Password Protection" installed. I wonder if that confuses it.
If it does not know the solution, and just sees there is a Passfilt.dll installed... 🤷:male_sign:
Anyways, it is just an additional complexity requirement, so ought to be even better than default Windows complexity.
Jan11185 Hi, I also have Entra Password Protection enabled and it hasn't given me any problems; if you run the command below on the domain controller what does it return?
Get-ADDefaultDomainPasswordPolicy
- Thank you for your responses.
It looks ok:
ComplexityEnabled : TrueJan11185 Very strange 🤔
Yes indeed...
Based on the DCs I have tried thus far, it seems to detect the PDC emulators as compliant, but other DCs in the same domains as not compliant.