regex for default Windows AD password complexity

[Robin Wood <robin () digininja org>]

Hi
I'm building an extra check for Pipal and want to check for password
complexity, specifically that defined by Windows AD.

I've not dug into it to far but from what I can tell this is the default:

   - Passwords cannot contain the user’s account name or parts of the
   user’s full name that exceed two consecutive characters.
   - Passwords must be at least six characters in length.
   - Passwords must contain characters from three of the following four
   categories:


   1. English uppercase characters (A through Z).
   2. English lowercase characters (a through z).
   3. Base 10 digits (0 through 9).
   4. Non-alphabetic characters (for example, !, $, #, %).

[from here
http://thebackroomtech.com/2008/03/10/windows-server-2008-password-complexity-requirements/]

I can't check the first bullet but I can do the rest.

Questions:

Can anyone confirm that this is the default set up?

Does anyone have a regex that covers this? I can write one but may as well
reuse an existing tested one.

Does anyone have any other default complexity policies that it would be
worth including?

Robin

_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com