具体来说,我一直在 MSDN 和 Technet 上寻找 Windows 针对以下情况使用的默认美式英语错误消息帐户策略设置:
- 强制密码历史记录
- 密码最长使用期限
- 密码最短使用期限
- 最小密码长度
- 密码必须符合复杂性要求
有没有人知道它们是什么。我有点懒,尽量避免设置它们、破坏它们并记下错误消息!我的 Google-foo 今天让我失望了。
答案1
密码相关字符串
以下 Microsoft 文章提供了常见登录错误消息的列表以及简要说明:工作站登录。它是为 Windows 2000 编写的,但可能仍然适用。
以下是 NirSoft 提供的一些 XP 消息:Windows XP DLL 文件信息 - msgina.dll
文本转储
这些应该是所有包含单词 的消息password
,直接来自 Windows 7 SP1:
// kernel32.dll.mui
86, "The specified network password is not correct."
615, "The password provided is too short to meet the policy of your user account.\nPlease choose a longer password."
616, "The policy of your user account does not allow you to change passwords too frequently.\nThis is done to prevent users from changing back to a familiar, but potentially discovered, password.\nIf you feel your password has been compromised then please contact your administrator immediately to have a new one assigned."
617, "You have attempted to change your password to one that you have used in the past.\nThe policy of your user account does not allow this. Please select a password that you have not previously used."
1057, "The account name is invalid or does not exist, or the password is invalid for the account name specified."
1216, "The format of the specified password is invalid."
1304, "The password is too complex to be converted to a LAN Manager password. The LAN Manager password returned is a NULL string."
1323, "Unable to update the password. The value provided as the current password is incorrect."
1324, "Unable to update the password. The value provided for the new password contains values that are not allowed in passwords."
1325, "Unable to update the password. The value provided for the new password does not meet the length, complexity, or history requirements of the domain."
1326, "Logon failure: unknown user name or bad password."
1327, "Logon failure: user account restriction. Possible reasons are blank passwords not allowed, logon hour restrictions, or a policy restriction has been enforced."
1330, "Logon failure: the specified account password has expired."
1386, "A cross-encrypted password is necessary to change a user password."
1390, "A cross-encrypted password is necessary to change this user password."
1397, "Mutual Authentication failed. The server's password is out of date at the domain controller."
1907, "The user's password must be changed before logging on the first time."
2108, "The network connection was made successfully, but the user had to be prompted for a password other than the one originally specified."
8529, "Security Account Manager needs to get the boot password."
-2147467238, "The server process could not be started because the configured identity is incorrect. Check the username and password."
-2146368492, "The identity or password set on the application is not valid"
-2144272340, "Group Policy settings require that a recovery password be specified before encrypting the drive."
-2144272334, "The recovery password file was not found because a relative path was specified. Recovery passwords must be saved to a fully qualified path. Environment variables configured on the computer can be used in the path."
-2144272332, "The recovery key provided is corrupt and cannot be used to access the drive. An alternative recovery method, such as recovery password, a data recovery agent, or a backup version of the recovery key must be used to recover access to the drive."
-2144272331, "The format of the recovery password provided is invalid. BitLocker recovery passwords are 48 digits. Verify that the recovery password is in the correct format and then try again."
-2144272329, "The Group Policy setting requiring FIPS compliance prevents a local recovery password from being generated or used by BitLocker Drive Encryption. When operating in FIPS-compliant mode, BitLocker recovery options can be either a recovery key stored on a USB drive or recovery through a data recovery agent."
-2144272328, "The Group Policy setting requiring FIPS compliance prevents the recovery password from being saved to Active Directory. When operating in FIPS-compliant mode, BitLocker recovery options can be either a recovery key stored on a USB drive or recovery through a data recovery agent. Check your Group Policy settings configuration."
-2144272324, "The BitLocker startup key or recovery password cannot be found on the USB device. Verify that you have the correct USB device, that the USB device is plugged into the computer on an active USB port, restart the computer, and then try again. If the problem persists, contact the computer manufacturer for BIOS upgrade instructions."
-2144272323, "The BitLocker startup key or recovery password file provided is corrupt or invalid. Verify that you have the correct startup key or recovery password file and try again."
-2144272322, "The BitLocker encryption key cannot be obtained from the startup key or recovery password. Verify that you have the correct startup key or recovery password and try again."
-2144272292, "Group Policy settings do not permit the creation of a recovery password."
-2144272291, "Group Policy settings require the creation of a recovery password."
-2144272278, "Group Policy settings do not permit the creation of a password."
-2144272277, "Group Policy settings require the creation of a password."
-2144272276, "The Group Policy setting requiring FIPS compliance prevents passwords from being generated or used. Please contact your system administrator for more information."
-2144272275, "A password cannot be added to the operating system drive."
-2144272256, "Your password does not meet minimum password length requirements. By default, passwords must be at least 8 characters in length. Check with your system administrator for the password length requirement in your organization."
-2144272255, "Your password does not meet the complexity requirements set by your system administrator. Try adding upper and lowercase characters, numbers, and symbols."
-2144272240, "BitLocker Drive Encryption cannot be applied to this drive because there are conflicting Group Policy settings for recovery options on operating system drives. Storing recovery information to Active Directory Domain Services cannot be required when the generation of recovery passwords is not permitted. Please have your system administrator resolve these policy conflicts before attempting to enable BitLocker."
-2144272239, "BitLocker Drive Encryption cannot be applied to this drive because there are conflicting Group Policy settings for recovery options on fixed data drives. Storing recovery information to Active Directory Domain Services cannot be required when the generation of recovery passwords is not permitted. Please have your system administrator resolve these policy conflicts before attempting to enable BitLocker."
-2144272238, "BitLocker Drive Encryption cannot be applied to this drive because there are conflicting Group Policy settings for recovery options on removable data drives. Storing recovery information to Active Directory Domain Services cannot be required when the generation of recovery passwords is not permitted. Please have your system administrator resolve these policy conflicts before attempting to enable BitLocker."
// winlogon.exe.mui
1004, "Changing password..."
1301, "Your password has been changed."
1302, "The system cannot change your password now because the domain %s is not available."
1303, "The User name or old password is incorrect. Letters in passwords must be typed using the correct case."
1304, "You do not have permission to change your password."
1305, "The password on this account cannot be changed at this time."
1306, "Unable to change your password because the computer you selected is not the Domain Controller of the domain. Type the name of the domain or the name of the Domain Controller and try again."
1307, "Please type a password which meets these requirements."
1308, "Your new password does not meet the minimum length or password history and complexity requirements. Please type a different password."
1309, "Your password must be at least %hu characters; cannot repeat any of your previous %hu passwords; must be at least %ld days old; must contain capitals, numerals or punctuation; and cannot contain your account or full name."
1310, "Your password must be at least %hu characters, cannot repeat any of your previous %hu passwords and must be at least %ld days old."
1311, "Unable to change the password on this account due to the following error:\n\n%d : %s\n\nPlease consult your system administrator."
1312, "Unable to change your network provider password."
2010, "Consider changing your password"
2011, "Your password will expire in %ld days."
2012, "Your password expires today."
2027, "Your password will expire tomorrow."
2028, "\nTo change your password, press CTRL+ALT+DELETE and then click \"Change a password...\"."
2042, "Please lock this computer, then unlock it using your most recent password or smart card."
2046, "\nTo change your password, press CTRL+ALT+END and then click \"Change a password...\"."
4000, "Do you want to allow this application to read your stored user name and password?"
// authui.dll.mui
11401, "The passwords you entered did not match."
11402, "Please enter a user name and password."
11601, "The user name or password is incorrect."
11609, "The password on this account cannot be changed at this time."
11610, "The password for this account has expired. To change the password, click OK, click Switch User, and then log on."
11611, "Your password has expired and must be changed."
11613, "Your password has been changed."
14101, "To continue, type an administrator password, and then click Yes."
-1342172277, "The username/password credential provider failed to enumerate tiles."
-1342172275, "The autologon password could not be loaded."
-1342172274, "The autologon password could not be loaded. Details: %1"
// kerberos.dll.mui
1073741828, "The Kerberos client received a KRB_AP_ERR_MODIFIED error from the server %1. The target name used was %3. This indicates that the target server failed to decrypt the ticket provided by the client. This can occur when the target server principal name (SPN) is registered on an account other than the account the target service is using. Please ensure that the target SPN is registered on, and only registered on, the account used by the server. This error can also happen when the target service is using a different password for the target service account than what the Kerberos Key Distribution Center (KDC) has for the target service account. Please ensure that the service on the server and the KDC are both updated to use the current password. If the server name is not fully qualified, and the target domain (%2) is different from the client domain (%4), check if there are identically named server accounts in these two domains, or use the fully-qualified name to identify the server."
-2147483634, "The password stored in Credential Manager is invalid. This might be caused by the user changing the password from this computer or a different computer. To resolve this error, open Credential Manager in Control Panel, and reenter the password for the credential %1."
自己做
下载资料黑客。
获取
winlogon.exe.mui
本地化文件,该文件通常位于美国英语 Windows 系统(Vista 及更高版本)的以下文件夹中:C:\Windows\System32\en-US
使用 ResHacker 打开文件,然后浏览字符串表和/或消息表部分,以可用部分为准。您也可以按Ctrl+F来查找特定单词。
根据需要重复步骤 2-3。
笔记获取正确的文件可能需要一些猜测。