Most settings are stored on a per user basis and are persisted in an xml file in the application data of a user profile. These settings can be modified within the password control application and there should be no need to manually edit the xml file. There is also an xml file stored within the Password Control application directory that gives access to some additional, application level settings. You can also edit this file to change the default user settings that are used.
Use nodepad or other xml/text editor to open the “PasswordControl.exe.config” file. I’d recommend making a backup copy of the “PasswordControl.exe.config” file before you start to make any changes.
Application settings are stored under an “” node under a root “” node.
Application settings are stored under the configuration\applicationSettings node. The following Application Settings are available:
Setting | Syntax | Default Value | Explination |
DisplayEnableAccount | True/False | True | Controls the visibility of the “Enable Account” button. |
DisplayDisableAccount | True/False | True | Controls the visibility of the “Disable Account” button |
DisplayForcePasswordChangeAtLogon | True/False | True | Controls the visibility of the “Force Password Change At Logon” |
DisplayAccountIsLockedOut | True/False | True | Controls the visibility of the “Account is Locked” checkbox. |
AutomaticAccountUnlock | True/False | True | Accounts are automatically unlocked when the password is changed with this setting. |
DisplayHelp | True/False | True | Controls the visibility of the “Help” menu. |
DisplayConnectAs | True/False | True | Controls the visibility of the “Connect As” menu item under the “File” menu. |
DisplayDomain | True/False | True | Controls the visibility of the “Domain” menu item under the “File” menu. |
DisplaySearch | True/False | True | Controls the visibility of the “Search” menu item under the “File” menu. NB. Users can still access the Search dialog using the F3 shortcut. |
DisplaySettings | True/False | True | Controls the visibility of the “Settings” menu item under the “File” menu. |
DisableSearch | True/False | False | Disables the Search feature. Prevents access via the menu and the F3 shortcut. |
DisplayGeneratePassword | True/False | True | Controls the visibility of the “G” button for generating passwords. |
DisplayTools | True/False | True | Controls the visiblity of the “Tools” menu. Although visible by default, the menu will only appear if VBS scripts are present in the “Scripts” folder. |
PasswordChar | Single Character | * | Controls the password character used when typing passwords in the password box. You can change the password character used or remove the password character to display passwords in clear text as typed. |
DisplayDomainPolicy | True/False | True | Controls the visibility of the “Domain Policy” option in the help menu. |
ConfirmSuccessfulPasswordChange | True/False | True | Display a message box to indicate a sucessful password change. |
AuditFailedEvents | True/False | False | Write failed password & account operations to the event log. |
AuditSuccessfulEvents | True/False | False | Write password changes & account operations to the eventlog when they succeed. |
DisplayBulkPasswordControl | True/False | True | Controls the visibility og the “Bulk Password Control” menu option. (Keyboard shortcut still works) |
DisableBulkPasswordControl | True/False | True | Disables the “Bulk Password Control” dialog. |
FindLDAPFilter | String | (|(DisplayName=?*)(cn=?*)(sAMAccountName=?*)(userPrincipalName=?*)(sn=?*)(mail=?*)) | The LDAP filter used to find user accounts when the “Check Name” button is pressed. If this option is changed the UserNameToolTipText setting should also be changed. The “?” placeholder will be replaced by the text entered in the username textbox. |
UserNameToolTipText | String | Enter the username in one of the following formats: * User logon name (Pre Windows 2000) e.g. FirstName.LastName * User Principal Name e.g. FirstName@LastName@WiseSoft.co.uk If the username is valid, it should appear in underlined font when you press the TAB key to enter a password. Alternatively, click the “Check Name” button to search the following additional fields: *DisplayName (displayName) *ObjectName (common-name,cn) *Surname (sn) *Email (mail) | The tooltip to display relating to the username textbox. |
FindUserLimit | Integer | 1000 | The maximum number of user accounts to show when the “Check Name” feature is used and multiple results are returned. |
PasswordControlScriptsPath | String | %apppath%\Scripts | The directory to search for VBS Scripts to add to the tools menu in Password Control. |
BulkPasswordControlScriptsPath | String | %apppath%\BulkScripts | The directory to search for VBS Scripts to add to the tools menu in Bulk Password Control. |
ConfirmBulkPasswordScripts | Boolean | True | Display a confirmation when selecting a VBS file to run in the tools menu of the Bulk Password Control dialog. |
DefaultPageSize | Integer | 500 | The default page size used for Active Directory searches. Can be modified to improve performance if required. |
UserFilter | String | (&(ObjectClass=User)(ObjectCategory=person)(!(showInAdvancedViewOnly=TRUE))(!(isCriticalSystemObject=TRUE))) | The default filter applied when searching for user accounts. Objects that are shown in advanced view and critical system objects are not included in searches by default. |
DisplayAccountMenu | Boolean | True | Controls the visibility of the “Account Menu”. |
DisplayUserMustChangePasswordAtNextLogon | Boolean | True | Controls the visibility of the “User must change password at next logon” option in the account menu. |
DisplayUserCannotChangePassword | Boolean | True | Controls the visibility of the “Password never expires” option in the account menu |
DisplayPasswordNeverExpires | Boolean | True | Controls the visibility of the “Password never expires” option in the account menu. |
DisplayStorePasswordUsingReversibleEncryption | Boolean | True | Controls the visibility of the “Store password using reversible encryption” option in the account menu. |
DisplayAccountIsDisabled | Boolean | True | Controls the visibility of the “Account is disabled” option in the account menu. |
DisplaySmartCardIsRequiredForInteractiveLogon | Boolean | True | Controls the visibility of the “Smart card is required for interactive logon” option in the account menu. |
DisplayAccountIsTrustedForDelegation | Boolean | True | Controls the visibility of the “Account is trusted for delegation” option in the account menu. |
DisplayAccountIsSensitiveAndCannotBeDelegated | Boolean | True | Controls the visibility of the “Account is sensitive and cannot be delegated” option in the account menu. |
DisplayUseDESEncryptionTypesForThisAccount | Boolean | True | Controls the visibility of the “Use DES encryption types for this account” option in the account menu. |
DisplayDoNotRequireKerberosPreAuthentication | Boolean | True | Controls the visibility of the “Do not require kerberos pre authentication” option in the account menu. |