Hi, I want that when I create a new user its will ask me to enter a password for this user
and until I will not enter a complex password its will ask me the password again and again.
I crate this script but I am not sure what to put in While anyone can help?
do {
try{
New-ADUser @newuser -ErrorAction Stop
}
catch [Microsoft.ActiveDirectory.Management.ADPasswordComplexityException]{
Write-Host -ForegroundColor Yellow "The account is not enabled due password not meet the password policy"
}
} while ($password -notlike [Microsoft.ActiveDirectory.Management.ADPasswordComplexityException])
May I recommend another approach? Instead of creating a password by hand you may create it automatically following the password rules of your company. It eliminates the need for a pesky loop forcing a human being to do the work of a computer.
Here you can find some examples from other people:
May I take a wild guess and say you did not write that code, right? Do you understand what this code does? It actually does NOT check the complexity. It only checks if it’s long enough and if it’s not the same like the sAMAccountName or if it contains some parts of the name of the user.
You should not use code you do not understand.
I’d stick to my recommendation to generate the password automatically according to the password rules of your company.