{"id":208431,"date":"1970-01-01T00:00:00","date_gmt":"1970-01-01T00:00:00","guid":{"rendered":"https:\/\/www.ninjaone.com\/?post_type=script_hub&#038;p=208431"},"modified":"2024-03-01T12:55:44","modified_gmt":"2024-03-01T12:55:44","slug":"powershell-definir-longueur-minimale-mots-de-passe","status":"publish","type":"script_hub","link":"https:\/\/www.ninjaone.com\/fr\/script-hub\/powershell-definir-longueur-minimale-mots-de-passe\/","title":{"rendered":"PowerShell\u00a0: comment d\u00e9finir le seuil minimum de longueur et d\u2019\u00e2ge du mot de passe sur Windows"},"content":{"rendered":"<h2>Principaux points \u00e0 retenir<\/h2>\n<ul>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"1\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559684&quot;:-2,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"1\" data-aria-level=\"1\">La mise en place de strat\u00e9gies de mots de passe performantes est fondamentale pour la s\u00e9curit\u00e9 informatique.<\/li>\n<li>Le script PowerShell fourni automatise les configurations de strat\u00e9gie de mot de passe sur Windows.<\/li>\n<li>L&rsquo;ex\u00e9cution du script n\u00e9cessite des privil\u00e8ges d&rsquo;administrateur.<\/li>\n<li>Les m\u00e9thodes automatis\u00e9es, comme ce script, sont plus efficaces que les configurations manuelles, en particulier pour les grands parcs informatiques.<\/li>\n<li>Des r\u00e9visions et des mises \u00e0 jour r\u00e9guli\u00e8res de la strat\u00e9gie sont essentielles pour une s\u00e9curit\u00e9 proactive.<\/li>\n<li>L&rsquo;int\u00e9gration avec des plateformes telles que NinjaOne peut d\u00e9cupler les avantages de ces scripts.<\/li>\n<li>La garantie d&rsquo;exigences coh\u00e9rentes en mati\u00e8re de mots de passe renforce directement la s\u00e9curit\u00e9 informatique.<\/li>\n<li>En cette p\u00e9riode d\u2019expansion rapide des technologies et des menaces qui planent sur elles, les outils d&rsquo;automatisation sont essentiels.<\/li>\n<\/ul>\n<p>Dans le domaine en constante \u00e9volution de la s\u00e9curit\u00e9 informatique, la protection de l&rsquo;acc\u00e8s aux comptes utilisateurs reste un principe fondamental. Alors que les entreprises cherchent \u00e0 renforcer leurs mesures de s\u00e9curit\u00e9, il devient primordial de d\u00e9finir des exigences appropri\u00e9es en mati\u00e8re de mots de passe. C\u2019est ici qu\u2019entre en jeu un script PowerShell, un script qui joue un r\u00f4le essentiel en automatisant la <strong>modification des strat\u00e9gies de mot de passe<\/strong> sur les appareils Windows.<\/p>\n<h2>Contexte<\/h2>\n<p>Traditionnellement, les professionnels de l&rsquo;informatique et les <a href=\"https:\/\/www.ninjaone.com\/fr\/quest-ce-quun-msp\">fournisseurs de services g\u00e9r\u00e9s (MSP)<\/a> d\u00e9finissent manuellement les exigences en mati\u00e8re de mots de passe. Mais, \u00e0 mesure que les infrastructures se d\u00e9veloppent et qu&rsquo;il devient imp\u00e9ratif de travailler \u00e0 plus grande \u00e9chelle, les processus manuels deviennent peu pratiques. Ce script PowerShell apporte une r\u00e9ponse efficace en permettant aux administrateurs de d\u00e9finir des longueurs de mot de passe et des dur\u00e9es de validit\u00e9 (\u00e2ge) sp\u00e9cifiques pour les comptes locaux sur les syst\u00e8mes Windows. En automatisant ces t\u00e2ches banales mais essentielles, les professionnels peuvent garantir des strat\u00e9gies de mots de passe coh\u00e9rentes et, par extension, un environnement de s\u00e9curit\u00e9 informatique plus performant.<\/p>\n<h2>Le script PowerShell<\/h2>\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"powershell\">#Requires -Version 5.1\r\n\r\n&lt;#\r\n.SYNOPSIS\r\n    Set the minium password length or age for local accounts.\r\n.DESCRIPTION\r\n    Set the minium password length or age for local accounts.\r\n.EXAMPLE\r\n     -Length 14\r\n    Set the minium password length for local accounts.\r\n.EXAMPLE\r\n     -Length 14 -MinAge 30 -MaxAge 42\r\n    Set the minium password length, minium age, maximum age for local accounts.\r\n.EXAMPLE\r\n    PS C:&gt; Set-MiniumPasswordRequirements.ps1 -Length 14 -Age 42\r\n    Set the minium password length and age for local accounts.\r\n.OUTPUTS\r\n    None\r\n.NOTES\r\n    Minimum OS Architecture Supported: Windows 10, Windows Server 2016\r\n    Release Notes:\r\n    Initial Release\r\nBy using this script, you indicate your acceptance of the following legal terms as well as our Terms of Use at https:\/\/www.ninjaone.com\/terms-of-use.\r\n    Ownership Rights: NinjaOne owns and will continue to own all right, title, and interest in and to the script (including the copyright). NinjaOne is giving you a limited license to use the script in accordance with these legal terms. \r\n    Use Limitation: You may only use the script for your legitimate personal or internal business purposes, and you may not share the script with another party. \r\n    Republication Prohibition: Under no circumstances are you permitted to re-publish the script in any script library or website belonging to or under the control of any other software provider. \r\n    Warranty Disclaimer: The script is provided \u201cas is\u201d and \u201cas available\u201d, without warranty of any kind. NinjaOne makes no promise or guarantee that the script will be free from defects or that it will meet your specific needs or expectations. \r\n    Assumption of Risk: Your use of the script is at your own risk. You acknowledge that there are certain inherent risks in using the script, and you understand and assume each of those risks. \r\n    Waiver and Release: You will not hold NinjaOne responsible for any adverse or unintended consequences resulting from your use of the script, and you waive any legal or equitable rights or remedies you may have against NinjaOne relating to your use of the script. \r\n    EULA: If you are a NinjaOne customer, your use of the script is subject to the End User License Agreement applicable to you (EULA).\r\n.COMPONENT\r\n    LocalUserAccountManagement\r\n#&gt;\r\n\r\n[CmdletBinding()]\r\nparam (\r\n    [Parameter()]\r\n    [ValidateRange(0, 14)]\r\n    [int]\r\n    $Length,\r\n    [Parameter()]\r\n    [ValidateRange(0, 998)]\r\n    [int]\r\n    $MinAge,\r\n    [Parameter()]\r\n    [ValidateRange(0, 999)]\r\n    [int]\r\n    $MaxAge\r\n)\r\n\r\nbegin {\r\n    function Test-IsElevated {\r\n        $id = [System.Security.Principal.WindowsIdentity]::GetCurrent()\r\n        $p = New-Object System.Security.Principal.WindowsPrincipal($id)\r\n        if ($p.IsInRole([System.Security.Principal.WindowsBuiltInRole]::Administrator))\r\n        { Write-Output $true }\r\n        else\r\n        { Write-Output $false }\r\n    }\r\n    function Get-LocalPasswordPolicy {\r\n        param ()\r\n        $Result = [PSCustomObject]@{\r\n            MinimumLength = 0\r\n            MaximumAge    = 0\r\n            MinimumAge    = 0\r\n        }\r\n        $(net.exe accounts) -split \"n\" | ForEach-Object {\r\n            $Line = $_ -split \":\"\r\n            if ($_ -like \"Minimum password length*\") {\r\n                $Result.MinimumLength = \"$($Line[1])\".Trim(' ')\r\n            }\r\n            if ($_ -like \"Maximum password age (days)*\") {\r\n                $Result.MaximumAge = \"$($Line[1])\".Trim(' ')\r\n            }\r\n            if ($_ -like \"Minimum password age (days)*\") {\r\n                $Result.MinimumAge = \"$($Line[1])\".Trim(' ')\r\n            }\r\n        }\r\n        $Result\r\n    }\r\n\r\n    $NetExeError = $false\r\n}\r\nprocess {\r\n    if (-not (Test-IsElevated)) {\r\n        Write-Error -Message \"Access Denied. Please run with Administrator privileges.\"\r\n        exit 1\r\n    }\r\n    # Get Current localhost password policy settings\r\n    $CurrentSettings = Get-LocalPasswordPolicy\r\n    \r\n    if ($PSBoundParameters.ContainsKey(\"Length\") -and -not ($CurrentSettings.MinimumLength -like $NewSettings.MinimumLength -or $CurrentSettings.MinimumLength -eq $NewSettings.MinimumLength)) {\r\n        Write-Host \"Changing Minimum Password Length from $($CurrentSettings.MinimumLength) to $Length\"\r\n        net.exe accounts \/minpwlen:$Length\r\n    }\r\n    if ($PSBoundParameters.ContainsKey(\"MaxAge\") -and\r\n        -not (\r\n            $(if ($CurrentSettings.MaximumAge -like \"unlimited\") { 0 }else { $CurrentSettings.MaximumAge }) -like\r\n            $(if ($NewSettings.MaximumAge -like \"unlimited\") { 0 }else { $NewSettings.MaximumAge })\r\n        )) {\r\n        Write-Host \"Changing Maximum Password Age from $($CurrentSettings.MaximumAge) to $MaxAge\"\r\n        if ($MaxAge -gt 0) {\r\n            net.exe accounts \/maxpwage:$MaxAge\r\n        }\r\n        else {\r\n            net.exe accounts \/maxpwage:unlimited\r\n        }\r\n    }\r\n    if ($PSBoundParameters.ContainsKey(\"MinAge\") -and -not ($CurrentSettings.MinimumAge -like $NewSettings.MinimumAge -or $CurrentSettings.MinimumAge -eq $NewSettings.MinimumAge)) {\r\n        Write-Host \"Changing Minimum Password Age from $($CurrentSettings.MinimumAge) to $MinAge\"\r\n        net.exe accounts \/minpwage:$MinAge\r\n    }\r\n\r\n    # Get New localhost password policy settings and check if anything changed\r\n    $NewSettings = Get-LocalPasswordPolicy\r\n    \r\n    if ($PSBoundParameters.ContainsKey(\"Length\") -and ($PSBoundParameters['Length'] -notlike $NewSettings.MinimumLength)) {\r\n        $NetExeError = $true\r\n        Write-Host \"Minimum Length was not set correctly.\"\r\n    }\r\n    if ($PSBoundParameters.ContainsKey(\"MaxAge\") -and ($PSBoundParameters['MaxAge'] -notlike $(if ($NewSettings.MaximumAge -like \"unlimited\") { 0 }else { $NewSettings.MaximumAge }))) {\r\n        $NetExeError = $true\r\n        Write-Host \"Maximum Age was not set correctly.\"\r\n    }\r\n    if ($PSBoundParameters.ContainsKey(\"MinAge\") -and ($PSBoundParameters['MinAge'] -notlike $NewSettings.MinimumAge)) {\r\n        $NetExeError = $true\r\n        Write-Host \"Minimum Age was not set correctly.\"\r\n    }\r\n    if ($NetExeError) {\r\n        exit 1\r\n    }\r\n}\r\nend {}<\/pre>\n<p>&nbsp;<\/p>\n\n<div class=\"in-context-cta\"><p>Acc\u00e9dez \u00e0 plus de 700\u00a0scripts dans le Dojo NinjaOne<\/p>\n<p><a href=\"https:\/\/www.ninjaone.com\/freetrialform\/\">Obtenir l&rsquo;acc\u00e8s<\/a><\/p>\n<\/div>\n<h2>Description d\u00e9taill\u00e9e<\/h2>\n<p>Le script fourni utilise les capacit\u00e9s de PowerShell pour modifier les strat\u00e9gies de mot de passe sur Windows\u00a0:<\/p>\n<ul>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"1\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559684&quot;:-2,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"1\" data-aria-level=\"1\"><strong>Cmdlet Binding<\/strong> : le script commence par lier la strat\u00e9gie \u00e0 la cmdlet, ce qui lui permet d&rsquo;accepter des param\u00e8tres tels que \u00ab Length \u00bb, \u00ab MinAge \u00bb et \u00ab MaxAge \u00bb.<\/li>\n<li><strong>Test-IsElevated<\/strong> : une fonction garantissant que le script s&rsquo;ex\u00e9cute avec des privil\u00e8ges \u00e9lev\u00e9s.<\/li>\n<li><strong>Get-LocalPasswordPolicy<\/strong>\u00a0: Cette fonction permet d&rsquo;obtenir la strat\u00e9gie locale actuelle en mati\u00e8re de mots de passe. Elle utilise la commande \u00ab\u00a0net.exe\u00a0\u00bb pour rassembler les attributs de la strat\u00e9gie de mot de passe et les renvoie.<\/li>\n<li><strong>Bloc \u00ab\u00a0process\u00a0\u00bb<\/strong> : c&rsquo;est ici que r\u00e9side la logique de base. Le script compare les strat\u00e9gies existantes et les nouveaux param\u00e8tres. En cas de diff\u00e9rences, il utilise les commandes \u00ab net.exe \u00bb pour ajuster les strat\u00e9gies.<\/li>\n<li><strong>Validation<\/strong> : une fois les modifications apport\u00e9es, le script r\u00e9cup\u00e8re les strat\u00e9gies de mot de passe mises \u00e0 jour et les compare aux param\u00e8tres pour s&rsquo;assurer que la configuration est correcte.<\/li>\n<\/ul>\n<h2>Cas d&rsquo;utilisation potentiels<\/h2>\n<p><strong>\u00c9tude de cas<\/strong> : imaginez un professionnel de l&rsquo;informatique, Seb, qui travaille dans une start-up en pleine expansion. \u00c0 la suite d&rsquo;un audit de cybers\u00e9curit\u00e9, Seb se rend compte que les strat\u00e9gies de mots de passe de nombreux comptes locaux sont faibles. Au lieu de manuellement mettre \u00e0 jour chaque syst\u00e8me, Seb d\u00e9ploie ce script sur tous les postes de travail, s&rsquo;assurant ainsi que tous les appareils respectent d\u00e9sormais la longueur et l&rsquo;anciennet\u00e9 recommand\u00e9es des mots de passe.<\/p>\n<h2>Comparaisons<\/h2>\n<p>La configuration manuelle par le biais des param\u00e8tres Windows ou des strat\u00e9gies de groupe est une option, mais elle est faillible, elle prend du temps et elle ne convient pas aux environnements plus vastes. Des outils tiers offrent des fonctionnalit\u00e9s similaires, mais peuvent \u00eatre plus complexes ou plus co\u00fbteux. Le script fourni offre une approche simple, rentable et \u00e9volutive.<\/p>\n<h2>FAQ<\/h2>\n<ul>\n<li><strong>Sur quelles versions de Windows le script fonctionne-t-il\u00a0?\u00a0<\/strong><br \/>\nLe script prend en charge Windows\u00a010 et Windows Server\u00a02016 ou ult\u00e9rieur.<\/li>\n<li><strong>Ai-je besoin de droits d&rsquo;administrateur pour ex\u00e9cuter le script\u00a0?\u00a0<\/strong><br \/>\nOui, le script n\u00e9cessite des privil\u00e8ges \u00e9lev\u00e9s pour modifier les strat\u00e9gies de mot de passe.<\/li>\n<\/ul>\n<h2>Implications<\/h2>\n<p>Une mauvaise strat\u00e9gie en mati\u00e8re de mots de passe peut entra\u00eener des acc\u00e8s non autoris\u00e9s, des violations de donn\u00e9es et des infractions aux r\u00e8gles de conformit\u00e9. En garantissant des exigences coh\u00e9rentes et strictes en mati\u00e8re de mots de passe, les entreprises peuvent r\u00e9duire consid\u00e9rablement ces risques et renforcer leur s\u00e9curit\u00e9 informatique.<\/p>\n<h2>Recommandations<\/h2>\n<ul>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"1\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559684&quot;:-2,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"1\" data-aria-level=\"1\">R\u00e9visez et mettez r\u00e9guli\u00e8rement \u00e0 jour les strat\u00e9gies relatives aux mots de passe afin de toujours avoir une longueur d\u2019avance sur les menaces en constante \u00e9volution.<\/li>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"1\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559684&quot;:-2,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"2\" data-aria-level=\"1\">Assurez-vous d\u2019avoir effectu\u00e9 des sauvegardes avant d&rsquo;appliquer des changements sur un grand nombre d&rsquo;appareils.<\/li>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"1\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559684&quot;:-2,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"3\" data-aria-level=\"1\">Associez ce script \u00e0 d&rsquo;autres outils d&rsquo;automatisation pour une gestion informatique compl\u00e8te.<\/li>\n<\/ul>\n<h2>Conclusion<\/h2>\n<p>Dans un contexte o\u00f9 des mesures de s\u00e9curit\u00e9 performantes sont n\u00e9cessaires, les outils qui facilitent les condition de la \u00ab\u00a0Modification de la strat\u00e9gie de mot de passe Windows\u00a0\u00bb deviennent inestimables. Pour les entreprises qui souhaitent une approche rationalis\u00e9e de la gestion de leurs actifs et configurations informatiques, des plateformes telles que NinjaOne peuvent fournir des solutions compl\u00e8tes. En int\u00e9grant de tels scripts dans des plateformes comme <a href=\"https:\/\/www.ninjaone.com\/fr\/\">NinjaOne<\/a>, les entreprises peuvent garantir des strat\u00e9gies de mot de passe optimales, ce qui se traduit par une <a href=\"https:\/\/www.ninjaone.com\/fr\/gestion-informatique-grande-entreprise\/securite\">s\u00e9curit\u00e9 et une efficacit\u00e9 op\u00e9rationnelle accrues.<\/a><\/p>\n","protected":false},"author":35,"featured_media":144896,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_acf_changed":false,"_relevanssi_hide_post":"","_relevanssi_hide_content":"","_relevanssi_pin_for_all":"","_relevanssi_pin_keywords":"","_relevanssi_unpin_keywords":"","_relevanssi_related_keywords":"","_relevanssi_related_include_ids":"","_relevanssi_related_exclude_ids":"","_relevanssi_related_no_append":"","_relevanssi_related_not_related":"","_relevanssi_related_posts":"","_relevanssi_noindex_reason":"","_lmt_disableupdate":"no","_lmt_disable":""},"operating_system":[4212],"use_cases":[4289],"class_list":["post-208431","script_hub","type-script_hub","status-publish","has-post-thumbnail","hentry","script_hub_category-windows","use_cases-gestion-des-utilisateurs-et-des-acces"],"acf":[],"_links":{"self":[{"href":"https:\/\/www.ninjaone.com\/fr\/wp-json\/wp\/v2\/script_hub\/208431","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.ninjaone.com\/fr\/wp-json\/wp\/v2\/script_hub"}],"about":[{"href":"https:\/\/www.ninjaone.com\/fr\/wp-json\/wp\/v2\/types\/script_hub"}],"author":[{"embeddable":true,"href":"https:\/\/www.ninjaone.com\/fr\/wp-json\/wp\/v2\/users\/35"}],"replies":[{"embeddable":true,"href":"https:\/\/www.ninjaone.com\/fr\/wp-json\/wp\/v2\/comments?post=208431"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.ninjaone.com\/fr\/wp-json\/wp\/v2\/media\/144896"}],"wp:attachment":[{"href":"https:\/\/www.ninjaone.com\/fr\/wp-json\/wp\/v2\/media?parent=208431"}],"wp:term":[{"taxonomy":"script_hub_category","embeddable":true,"href":"https:\/\/www.ninjaone.com\/fr\/wp-json\/wp\/v2\/operating_system?post=208431"},{"taxonomy":"use_cases","embeddable":true,"href":"https:\/\/www.ninjaone.com\/fr\/wp-json\/wp\/v2\/use_cases?post=208431"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}