🕫 NEW 🕫- Kaseya Certified Expert Training Camp launches on 8/23. Class size is limited. Learn more > https://www.community.connectit.com/events/28-kaseya-certified-expert-traincamp-august-23rd-september-2nd

Enforce Password Policy

Kaseya Automation Team
Kaseya Automation Team USMember, Kaseya Certified CHOCOLATE MILK
edited January 24 in Solutions

Product Name: Enforce Password Policy

Description : This agent procedure will deliver an exported secedit config file to the target machine and execute it.
Additionally, it will set the screensaver timeout to 10 minutes (600 seconds), and activate the timeout. You can configure this on line 4 of the agent procedure.


The included securityconfig.cfg is a default export from a Windows 10 non-domain joined machine, with the following changes

Line 5: MaximumPasswordAge = 90 (default "-1" - never expire)
Line 6: MinimumPasswordLength = 12 (default "0" - no minimum length)
Line 7: PasswordComplexity = 1 (default "0" - do not enforce complexity)
Line 9: LockoutBadCount = 6 (default "0" - never lock account)

If you wish, you can edit the "securityconfig.cfg" in a text editor to change the values that you want for your organisation.

Should you have a machine with all the settings already in place, and just wish to copy those settings to all machines, you can run this command to export the SecurityConfig.cfg file and upload this in place of the file that is supplied.

To use your own securityConfig.cfg file:

1. Open an admin command prompt
2. secedit /export /cfg c:\temp\securityconfig-default.cfg
3. upload the resultant c:\temp\securityconfig-default.cfg to the Shared Files area of the Kaseya Server

The proceedure will write the results of the procedure to the Agent Procedure Log.
The following 2 lines will be written

Password Policy Result for : NOTEXECUTED / SUCCESS / FAIL

NOTEXECUTED - this should not be seen. It is the default value, and should change to a or once the procedure completes
SUCCESS - the procedure completed this part and was successful
FAIL - the procedure completed this part but encountered an error
USER NOT LOGGED IN - a user was not logged in at the time that the procedure ran, and therefore the Sreen lock settings were not applied.
Please note: The screen saver settings are on a per-user basis, so should this be a multi-user machine, you would have to run this for each user in order to set each user's screensaver settings.

Instructions :

Please see instructions text file in zip file.


  • Madhav
    Madhav Member
    edited April 2021

    is this for MacOS and Ubuntu OS also if not kindly provide for both

  • Mark Sanchez
    Mark Sanchez Member CHOCOLATE MILK
    edited April 2021

    Will this set credentials for admin accs on all users?

Weekly Leaderboard