@dpo007
Last active August 18, 2020 16:16
PowerShell :: Function to check password against Windows Domain rules.
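#Requires -Modules ActiveDirectory

function Test-PasswordForDomain {
    param (
        [Parameter(Mandatory=$true)]
        [string]$Password,

        [Parameter(Mandatory=$false)]
        [string]$AccountSamAccountName = "",

        [Parameter(Mandatory=$false)]
        [string]$AccountDisplayName,

        # Defaults to the domain's default password policy.
        [Microsoft.ActiveDirectory.Management.ADEntity]$PasswordPolicy = (Get-ADDefaultDomainPasswordPolicy -ErrorAction SilentlyContinue)
    )

    # Reason for the most recent failure; the caller reads it after the function returns.
    [string]$script:FailReason = $null

    If ($Password.Length -lt $PasswordPolicy.MinPasswordLength) {
        $script:FailReason = 'Too Short.'
        return $false
    }

    # Windows skips the name checks for a name or token shorter than three characters.
    # [regex]::Escape keeps characters such as '.' or '$' in a name from being read as regex syntax.
    if (($AccountSamAccountName.Length -ge 3) -and ($Password -match [regex]::Escape($AccountSamAccountName))) {
        $script:FailReason = 'Contains SAM Account Name.'
        return $false
    }

    if ($AccountDisplayName) {
        # Cast to char[] so each delimiter splits on its own; PowerShell 7 would
        # otherwise treat the whole string as a single separator.
        $tokens = $AccountDisplayName.Split([char[]]",.-_ #`t")
        foreach ($token in $tokens) {
            if (($token.Length -ge 3) -and ($Password -match [regex]::Escape($token))) {
                $script:FailReason = 'Contains part of Display Name.'
                return $false
            }
        }
    }

    if ($PasswordPolicy.ComplexityEnabled -eq $true) {
        # Windows requires characters from at least three of these five categories.
        $categories = 0
        if ($Password -cmatch '\p{Lu}') { $categories++ }   # uppercase letters
        if ($Password -cmatch '\p{Ll}') { $categories++ }   # lowercase letters
        if ($Password -match '\d')      { $categories++ }   # digits
        if ($Password -match '[\W_]')   { $categories++ }   # non-alphanumeric ('_' counts as a special character)
        if ($Password -match '\p{Lo}')  { $categories++ }   # letters that are neither upper nor lower case

        if ($categories -lt 3) {
            $script:FailReason = 'Does not meet basic Windows complexity requirements.'
            return $false
        }
    }

    return $true
}

# Example
If (!(Test-PasswordForDomain "Apass!")) {
    Write-Host ('Failed : ' + $FailReason)
} else {
    Write-Host 'Passed'
}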