PreviousNext

ANIXIS Web Site

Password Policy Enforcer

Upgrading from PPE V3.x

The PPE V6.x Password Policy Server is backwards compatible with the V3.x Password Policy Client. You can benefit from most of the new features by upgrading the Password Policy Server on the domain controllers. Do this before deploying the V6.x Password Policy Client.

Upgrading the Password Policy Server

The PPE installer detects existing V3.x installations and upgrades them to V6.1. Refer to the Installing PPE section for complete installation instructions. The installer does not copy configuration settings to Active Directory, so you will need to configure PPE V6.x after upgrading.

PPE V6.x does not use a client dictionary file, but you can specify a client dictionary file if your PPE V3.x clients are currently using one:

  1. Open the PPE management console.
  2. Click the PPS item to display the PPS view.
  3. Click Support Tools in the right pane of the management console.
  4. Click the Property Editor tab.
  5. Choose a password policy from the Policy drop-down list.
  6. Choose 300CLIENTDICTFILE from the Property drop-down list.
  7. Type a full path to the client dictionary file in the Value text box. For example, c:\program files\password policy enforcer\dict_o.txt
  8. Type 7043 in the Property ID text box, and then click Set Value.
  9. Repeat for all other policies.

The user who originally installed PPE V3.x may have shortcuts for both versions of PPE in their Start menu, and in their Add or Remove programs list after upgrading. This does not affect PPE's performance. To remove the unwanted shortcuts:

  1. Open Add or Remove Programs in Control Panel.
  2. Click the Password Policy Enforcer item (be careful not to click the Password Policy Enforcer 6.1 item).
  3. Click Remove, and then click Yes.
  4. Click OK after PPE V3.x uninstalls, and then click No when asked to restart the computer.
  5. Click the Password Policy Enforcer 6.1 item, and then click Change.
  6. Select the Repair option, and then click Next twice.
  7. Click Finish after the repair is complete.

You can start enforcing the new rules after all the domain controllers are upgraded to V6.x. Older V3.x clients including PPE/Web V3.x and ANIXIS Password Reset V1.x will work with the new server, but they will always display the Generic Rejection message when a password is rejected by one of the new rules. These older clients also cannot detect passphrases. Users must comply with the policy's compliance level when these older clients are installed.

Do not use the automatic tolerance option with PPE V4.x or V3.x clients, including PPE/Web V3.x and ANIXIS Password Reset V1.x. These clients will enforce an extremely restrictive password policy if this option is enabled. They will reject any password that contains a character found in the comparison parameter.

Upgrading the Password Policy Client

The Password Policy Client installer detects existing V3.x installations and upgrades them to V6.1. Refer to the Installing the PPC section for complete installation instructions.

© Copyright 1998 - 2011 ANIXIS.
All rights reserved.
PreviousNext