Fix test password generation rule to meet Windows complexity requirements (#10143)
This commit is contained in:
parent
f645cb8bbb
commit
431ef0372a
|
@ -10,8 +10,7 @@ Describe "Set/New/Remove-Service cmdlet tests" -Tags "Feature", "RequireAdminOnW
|
||||||
}
|
}
|
||||||
if ($IsWindows) {
|
if ($IsWindows) {
|
||||||
$userName = "testuserservices"
|
$userName = "testuserservices"
|
||||||
$Password = ([char[]]([char]33..[char]95) + ([char[]]([char]97..[char]126)) + 0..9 | Sort-Object {Get-Random})[0..12] -join ''
|
$testPass = [Net.NetworkCredential]::new("", (New-ComplexPassword)).SecurePassword
|
||||||
$testPass = (New-Object -TypeName Net.NetworkCredential("", $Password)).SecurePassword
|
|
||||||
$creds = [pscredential]::new(".\$userName", $testPass)
|
$creds = [pscredential]::new(".\$userName", $testPass)
|
||||||
$SecurityDescriptorSddl = 'D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWLOCRRC;;;SU)'
|
$SecurityDescriptorSddl = 'D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWLOCRRC;;;SU)'
|
||||||
$WrongSecurityDescriptorSddl = 'D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BB)(A;;CCLCSWLOCRRC;;;SU)'
|
$WrongSecurityDescriptorSddl = 'D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BB)(A;;CCLCSWLOCRRC;;;SU)'
|
||||||
|
|
|
@ -23,6 +23,7 @@ FunctionsToExport = @(
|
||||||
'Enable-Testhook'
|
'Enable-Testhook'
|
||||||
'Get-RandomFileName'
|
'Get-RandomFileName'
|
||||||
'New-RandomHexString'
|
'New-RandomHexString'
|
||||||
|
'New-ComplexPassword'
|
||||||
'Send-VstsLogFile'
|
'Send-VstsLogFile'
|
||||||
'Set-TesthookResult'
|
'Set-TesthookResult'
|
||||||
'Start-NativeExecution'
|
'Start-NativeExecution'
|
||||||
|
|
|
@ -344,3 +344,22 @@ function Test-CanWriteToPsHome
|
||||||
|
|
||||||
$script:CanWriteToPsHome
|
$script:CanWriteToPsHome
|
||||||
}
|
}
|
||||||
|
|
||||||
|
# Creates a password meeting Windows complexity rules
|
||||||
|
function New-ComplexPassword
|
||||||
|
{
|
||||||
|
$numbers = "0123456789"
|
||||||
|
$lowercase = "abcdefghijklmnopqrstuvwxyz"
|
||||||
|
$uppercase = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
|
||||||
|
$symbols = "~!@#$%^&*_-+=``|\(){}[]:;`"'<>,.?/"
|
||||||
|
$password = [string]::Empty
|
||||||
|
# Windows password complexity rule requires minimum 8 characters and using at least 3 of the
|
||||||
|
# buckets above, so we just pick one from each bucket twice.
|
||||||
|
# https://docs.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/password-must-meet-complexity-requirements
|
||||||
|
1..2 | ForEach-Object {
|
||||||
|
$Password += $numbers[(Get-Random $numbers.Length)] + $lowercase[(Get-Random $lowercase.Length)] +
|
||||||
|
$uppercase[(Get-Random $uppercase.Length)] + $symbols[(Get-Random $symbols.Length)]
|
||||||
|
}
|
||||||
|
|
||||||
|
$password
|
||||||
|
}
|
||||||
|
|
Loading…
Reference in a new issue