What's New

Getting Started with Lithnet Password Protection for Active Directory

Posted on February 5, 2025 by BjTechNews in Active Directory, Microsoft // 0 Comments

If you’re looking to improve your Active Directory password policies, Lithnet Password Protection (LPP) is an excellent tool to enhance security. This guide will show you how to install, configure, and test LPP on your domain controller, giving you stronger password management and compliance.

What is Lithnet Password Protection?

Lithnet Password Protection (LPP) is a module for Active Directory servers that checks password changes against customizable criteria. It uses filters to either approve or reject passwords, ensuring stronger security. With LPP, you can enforce stricter policies and block weak or compromised passwords effectively.

Download and Install Lithnet Password Protection

To start, download LPP from its official GitHub page. As of now, version 1.1.53, updated on May 7th, 2023, is the latest release. Open File Explorer on your domain controller and locate the downloaded EXE file. Right-click it, select Run as Administrator, and follow the installation wizard to install components like Group Policy templates, password management tools, and the PowerShell module. After finishing the installation, reboot your domain controller. If you have multiple controllers, schedule reboots carefully to prevent disruptions and ensure proper replication.

Configure the LPP Store

The LPP store is where you manage password policies and compromised password databases. There are three configuration options: use a local copy synchronized with DFS Replication (Option 1), maintain a local store with manual updates (Option 2), or access a shared store via a network (Option 3). For this guide, we used Option 2, ideal for setups with a single domain controller. Use PowerShell to create a directory for the store (e.g., D:\LPPStore). Then, import the LPP PowerShell module and set the store path using the Set-PasswordFilterConfig command. Ensure the local system account has read access, which is typically enabled by default. This completes your basic store setup and prepares LPP for further configuration.

To continue the steps and see the process in action, please review the following YouTube video:

About BjTechNews (1090 Articles)
An IT guy trying to learn everything about technology and sharing it with you all. I'm a blogger and video blogger who highlights daily news in the tech industry, promoting tips and hacks for fellow techies.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Copyright © 2025

Discover more from BTNHD

Subscribe now to keep reading and get access to the full archive.

Continue reading