diff --git a/.vs/OpenPasswordFilter/v14/.suo b/.vs/OpenPasswordFilter/v14/.suo
new file mode 100644
index 0000000..5e075ac
Binary files /dev/null and b/.vs/OpenPasswordFilter/v14/.suo differ
diff --git a/Lists/opfgroups.txt b/Lists/opfgroups.txt
new file mode 100644
index 0000000..e69de29
diff --git a/Lists/opfregex.txt b/Lists/opfregex.txt
new file mode 100644
index 0000000..e69de29
diff --git a/OPFService/App.config b/OPFService/App.config
index 77ed642..a3f4642 100644
--- a/OPFService/App.config
+++ b/OPFService/App.config
@@ -2,5 +2,5 @@
 <configuration>
     <startup> 
         
-    <supportedRuntime version="v2.0.50727"/></startup>
+    <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.5.2"/></startup>
 </configuration>
diff --git a/OPFService/NetworkService.cs b/OPFService/NetworkService.cs
index 9e25c96..d5cbf12 100644
--- a/OPFService/NetworkService.cs
+++ b/OPFService/NetworkService.cs
@@ -21,51 +21,74 @@
 using System.Net;
 using System.Net.Sockets;
 using System.IO;
+using System.Diagnostics;
+
 
 
 namespace OPFService {
-    class NetworkService {
-        OPFDictionary dict;
+  class NetworkService {
+    OPFDictionary dict;
+    OPFGroup group;
+    private void writeLog(string message, System.Diagnostics.EventLogEntryType level) {
+      using (EventLog eventLog = new EventLog("Application")) {
+        eventLog.Source = "Application";
+        eventLog.WriteEntry(message, level, 100, 1);
+      }
+    }
 
-        public NetworkService(OPFDictionary d) {
-            dict = d;
-        }
+    public NetworkService(OPFDictionary d, OPFGroup g) {
+      dict = d;
+      group = g; 
+    }
 
-        public void main() {
-            IPAddress ip = IPAddress.Parse("127.0.0.1");
-            IPEndPoint local = new IPEndPoint(ip, 5999);
-            Socket listener = new Socket(AddressFamily.InterNetwork, SocketType.Stream, ProtocolType.Tcp);
+    public void main() {
+      IPAddress ip = IPAddress.Parse("127.0.0.1");
+      IPEndPoint local = new IPEndPoint(ip, 5999);
+      Socket listener = new Socket(AddressFamily.InterNetwork, SocketType.Stream, ProtocolType.Tcp);
 
-            try {
-                listener.Bind(local);
-                listener.Listen(64);
-                while (true) {
-                    Socket client = listener.Accept();
-                    new Thread(() => handle(client)).Start();
-                }
-            } catch (Exception e) {
-                // don't know what to do here
-            }
+      try {
+        listener.Bind(local);
+        listener.Listen(64);
+        writeLog("OpenPasswordFilter is now running.", EventLogEntryType.Information);
+        while (true) {
+          Socket client = listener.Accept();
+          new Thread(() => handle(client)).Start();
         }
+      } catch (Exception e) {
+        // don't know what to do here
+      }
+    }
 
-        public void handle(Socket client) {
-            try {
-                NetworkStream netStream = new NetworkStream(client);
-                StreamReader istream = new StreamReader(netStream);
-                StreamWriter ostream = new StreamWriter(netStream);
-                string command = istream.ReadLine();
-                if (command == "test") {
-                    string password = istream.ReadLine();
-                    ostream.WriteLine(dict.contains(password) ? "false" : "true");
-                    ostream.Flush();
-                } else {
-                    ostream.WriteLine("ERROR");
-                    ostream.Flush();
-                }
-            } catch (Exception e) {
-
-            }
-            client.Close();
+    /*
+     * if (user is in one of the listed groups or there are no groups listed) then
+     *   if username/password combo is not acceptable then return "false" 
+     * return "true"
+     * */
+    public void handle(Socket client) {
+      try {
+        NetworkStream netStream = new NetworkStream(client);
+        StreamReader istream = new StreamReader(netStream);
+        StreamWriter ostream = new StreamWriter(netStream);
+        string command = istream.ReadLine();
+        if (command == "test") {
+          string username = istream.ReadLine();
+          string password = istream.ReadLine();
+          writeLog("Validating password for user " + username, EventLogEntryType.Information);
+          if (group.contains(username)) {
+            writeLog("User in a restricted group", EventLogEntryType.Information);
+            ostream.WriteLine(dict.contains(password) ? "false" : "true");
+          } else {
+            ostream.WriteLine("true");
+          }
+          ostream.Flush();
+        } else {
+          ostream.WriteLine("ERROR");
+          ostream.Flush();
         }
+      } catch (Exception e) {
+
+      }
+      client.Close();
     }
+  }
 }
diff --git a/OPFService/OPFDictionary.cs b/OPFService/OPFDictionary.cs
index 78b7e7b..710a44f 100644
--- a/OPFService/OPFDictionary.cs
+++ b/OPFService/OPFDictionary.cs
@@ -17,90 +17,115 @@
 
 using System;
 using System.Collections.Generic;
-using System.Collections;
 using System.IO;
 using System.Diagnostics;
+using System.Text.RegularExpressions;
 
 namespace OPFService {
-    class OPFDictionary {
-        List<string> matchlist;
-        List<string> contlist;
+  class OPFDictionary {
+    HashSet<string> matchlist;
+    List<string> contlist;
+    List<Regex> regexlist;
 
-        public OPFDictionary(string pathmatch, string pathcont) {
-            string line;
-            StreamReader infilematch = new StreamReader(pathmatch);
-            matchlist = new List<string>();
-            int a = 1;
-            while ((line = infilematch.ReadLine()) != null)
-            {
-                try
-                {
-                    matchlist.Add(line.ToLower());
-                    a += 1;
-                }
-                catch
-                {
-                    using (EventLog eventLog = new EventLog("Application"))
-                    {
-                        eventLog.Source = "Application";
-                        eventLog.WriteEntry("Died trying to ingest line number " + a.ToString() + " of opfmatch.txt.", EventLogEntryType.Information, 101, 1);
-                    }
-                }
-            }
-            infilematch.Close();
-            StreamReader infilecont = new StreamReader(pathcont);
-            contlist = new List<string>();
-            a = 1;
-            while ((line = infilecont.ReadLine()) != null)
-            {
-                try
-                {
-                    contlist.Add(line.ToLower());
-                    a += 1;
-                }
-                catch
-                {
-                    using (EventLog eventLog = new EventLog("Application"))
-                    {
-                        eventLog.Source = "Application";
-                        eventLog.WriteEntry("Died trying to ingest line number " + a.ToString() + " of opfcont.txt.", EventLogEntryType.Information, 101, 1);
-                    }
-                }
-            }
+    public void writeLog(string message, System.Diagnostics.EventLogEntryType level) {
+      using (EventLog eventLog = new EventLog("Application")) {
+        eventLog.Source = "Application";
+        eventLog.WriteEntry(message, level, 101, 1);
+      }
+    }
+    public OPFDictionary(string pathmatch, string pathcont, string pathregex) {
+
+      writeLog("Opening Match Configuration File", EventLogEntryType.Information);
+      string line;
 
+      StreamReader infilematch = new StreamReader(pathmatch);
+      matchlist = new HashSet<string>();
+      int a = 1;
+      while ((line = infilematch.ReadLine()) != null) {
+        try {
+          matchlist.Add(line.ToLower());
+          a += 1;
+        } catch {
+          using (EventLog eventLog = new EventLog("Application")) {
+            eventLog.Source = "Application";
+            eventLog.WriteEntry("Died trying to ingest line number " + a.ToString() + " of opfmatch.txt.", EventLogEntryType.Error, 101, 1);
+          }
+        }
+      }
+      infilematch.Close();
+      writeLog("Opening Contains Configuration File", EventLogEntryType.Information);
+      StreamReader infilecont = new StreamReader(pathcont);
+      contlist = new List<string>();
+      a = 1;
+      while ((line = infilecont.ReadLine()) != null) {
+        try {
+          contlist.Add(line.ToLower());
+          a += 1;
+        } catch {
+          using (EventLog eventLog = new EventLog("Application")) {
+            eventLog.Source = "Application";
+            eventLog.WriteEntry("Died trying to ingest line number " + a.ToString() + " of opfcont.txt.", EventLogEntryType.Error, 101, 1);
+          }
+        }
+      }
+      infilematch.Close();
+      writeLog("Opening Regular Expression Configuration File", EventLogEntryType.Information);
+      StreamReader infileregex = new StreamReader(pathregex);
+      regexlist = new List<Regex>();
+      a = 1;
+      while ((line = infileregex.ReadLine()) != null) {
+        try {
+          regexlist.Add(new Regex(line, RegexOptions.IgnoreCase));
+          a += 1;
+        } catch {
+          using (EventLog eventLog = new EventLog("Application")) {
+            eventLog.Source = "Application";
+            eventLog.WriteEntry("Died trying to ingest line number " + a.ToString() + " of opfregex.txt.", EventLogEntryType.Error, 101, 1);
+          }
         }
+      }
+      infileregex.Close();
+
+      writeLog("Successfully parsed all configuration files", EventLogEntryType.Information);
+
+    }
 
-        public Boolean contains(string word) {
-            foreach (string badstr in contlist)
-            {
-                if (word.ToLower().Contains(badstr))
-                {
-                    using (EventLog eventLog = new EventLog("Application"))
-                    {
-                        eventLog.Source = "Application";
-                        eventLog.WriteEntry("Password attempt contains poison string " + badstr +", case insensitive.", EventLogEntryType.Information, 101, 1);
-                    }
-                    return true;
-                }
-            }
-            if (matchlist.Contains(word))
-            {
-                using (EventLog eventLog = new EventLog("Application"))
-                {
-                    eventLog.Source = "Application";
-                    eventLog.WriteEntry("Password attempt matched a string in the bad password list", EventLogEntryType.Information, 101, 1);
-                }
-                return true;
-            }
-            else
-            {
-                using (EventLog eventLog = new EventLog("Application"))
-                {
-                    eventLog.Source = "Application";
-                    eventLog.WriteEntry("Password passed custom filter.", EventLogEntryType.Information, 101, 1);
-                }
-                return false;
-            }
+    public Boolean contains(string word) {
+      foreach (string badstr in contlist) {
+        if (word.ToLower().Contains(badstr)) {
+          using (EventLog eventLog = new EventLog("Application")) {
+            eventLog.Source = "Application";
+            eventLog.WriteEntry("Password attempt contains poison string " + badstr + ", case insensitive.", EventLogEntryType.Information, 101, 1);
+          }
+          return true;
         }
+      }
+
+      if (matchlist.Contains(word)) {
+        using (EventLog eventLog = new EventLog("Application")) {
+          eventLog.Source = "Application";
+          eventLog.WriteEntry("Password attempt matched a string in the bad password list", EventLogEntryType.Information, 101, 1);
+        }
+        return true;
+      }
+
+      foreach (Regex r in regexlist) {
+
+        Match m = r.Match(word);
+        if (m.Success) {
+          using (EventLog eventLog = new EventLog("Application")) {
+            eventLog.Source = "Application";
+            eventLog.WriteEntry("Password attempt matched this regular express: " + r.ToString(), EventLogEntryType.Information, 101, 1);
+          }
+          return true;
+        }
+      }
+
+      using (EventLog eventLog = new EventLog("Application")) {
+        eventLog.Source = "Application";
+        eventLog.WriteEntry("Password passed custom filter.", EventLogEntryType.Information, 101, 1);
+      }
+      return false;
     }
+  }
 }
diff --git a/OPFService/OPFGroup.cs b/OPFService/OPFGroup.cs
new file mode 100644
index 0000000..77cefa9
--- /dev/null
+++ b/OPFService/OPFGroup.cs
@@ -0,0 +1,88 @@
+// This file is part of OpenPasswordFilter.
+// 
+// OpenPasswordFilter is free software; you can redistribute it and / or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; either version 2 of the License, or
+// (at your option) any later version.
+// 
+// OpenPasswordFilter is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.See the
+// GNU General Public License for more details.
+// 
+// You should have received a copy of the GNU General Public License
+// along with OpenPasswordFilter; if not, write to the Free Software
+// Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111 - 1307  USA
+//
+
+using System;
+using System.Collections.Generic;
+using System.IO;
+using System.Diagnostics;
+using System.DirectoryServices.AccountManagement;
+
+namespace OPFService {
+  class OPFGroup {
+    List<string> grouplist;
+
+    public void writeLog(string message, System.Diagnostics.EventLogEntryType level) {
+      using (EventLog eventLog = new EventLog("Application")) {
+        eventLog.Source = "Application";
+        eventLog.WriteEntry(message, level, 101, 1);
+      }
+    }
+
+    public OPFGroup(string pathgroups) {
+      string line;
+
+      StreamReader infilematch = new StreamReader(pathgroups);
+      grouplist = new List<string>();
+      int a = 1;
+      while ((line = infilematch.ReadLine()) != null) {
+        try {
+          grouplist.Add(line.ToLower());
+          writeLog("groups are: " + line, EventLogEntryType.Information);
+          a += 1;
+        } catch {
+          writeLog("Died trying to ingest line number " + a.ToString() + " of groups file.", EventLogEntryType.Error);
+        }
+      }
+      infilematch.Close();
+      writeLog("Succesfully read " + (a - 1).ToString() + " groups.", EventLogEntryType.Information);
+    }
+
+    public Boolean contains(string username) {
+
+      // if the groups file is empty then we always check the passwords
+      if (grouplist.Count == 0) {
+        writeLog("No groups found. User's password will be validated.", EventLogEntryType.Information);
+        return true;
+      }
+
+      PrincipalContext ctx = null;
+      GroupPrincipal groupCtx = null;
+
+      ctx = new System.DirectoryServices.AccountManagement.PrincipalContext(ContextType.Domain);
+
+      foreach (String groupname in grouplist) {
+        //writeLog("trying [" + groupname + "]", EventLogEntryType.Information);
+        groupCtx = GroupPrincipal.FindByIdentity(ctx, groupname);
+        if (groupCtx != null) {
+          //writeLog("found [" + groupCtx.ToString() + "]. Finding members", EventLogEntryType.Information);
+          foreach (Principal user in groupCtx.GetMembers(true)) {
+            if (user.SamAccountName == username) {
+              writeLog("User " + username + " is in restricted group " + groupname + " and their password will be validated.", EventLogEntryType.Information);
+              ctx.Dispose();
+              groupCtx.Dispose();
+              return true;
+            }
+          }
+          groupCtx.Dispose();
+        }
+      }
+      ctx.Dispose();
+      writeLog("User " + username + " is not in a restricted group", EventLogEntryType.Information);
+      return false;
+    }
+  }
+}
diff --git a/OPFService/OPFService.csproj b/OPFService/OPFService.csproj
index f6a5b4e..62a39a6 100644
--- a/OPFService/OPFService.csproj
+++ b/OPFService/OPFService.csproj
@@ -9,9 +9,24 @@
     <AppDesignerFolder>Properties</AppDesignerFolder>
     <RootNamespace>OPFService</RootNamespace>
     <AssemblyName>OPFService</AssemblyName>
-    <TargetFrameworkVersion>v3.5</TargetFrameworkVersion>
+    <TargetFrameworkVersion>v4.5.2</TargetFrameworkVersion>
     <FileAlignment>512</FileAlignment>
     <TargetFrameworkProfile />
+    <PublishUrl>publish\</PublishUrl>
+    <Install>true</Install>
+    <InstallFrom>Disk</InstallFrom>
+    <UpdateEnabled>false</UpdateEnabled>
+    <UpdateMode>Foreground</UpdateMode>
+    <UpdateInterval>7</UpdateInterval>
+    <UpdateIntervalUnits>Days</UpdateIntervalUnits>
+    <UpdatePeriodically>false</UpdatePeriodically>
+    <UpdateRequired>false</UpdateRequired>
+    <MapFileExtensions>true</MapFileExtensions>
+    <ApplicationRevision>0</ApplicationRevision>
+    <ApplicationVersion>1.0.0.%2a</ApplicationVersion>
+    <IsWebBootstrapper>false</IsWebBootstrapper>
+    <UseApplicationTrust>false</UseApplicationTrust>
+    <BootstrapperEnabled>true</BootstrapperEnabled>
   </PropertyGroup>
   <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' ">
     <PlatformTarget>AnyCPU</PlatformTarget>
@@ -22,6 +37,7 @@
     <DefineConstants>DEBUG;TRACE</DefineConstants>
     <ErrorReport>prompt</ErrorReport>
     <WarningLevel>4</WarningLevel>
+    <Prefer32Bit>false</Prefer32Bit>
   </PropertyGroup>
   <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Release|AnyCPU' ">
     <PlatformTarget>x86</PlatformTarget>
@@ -31,6 +47,7 @@
     <DefineConstants>TRACE</DefineConstants>
     <ErrorReport>prompt</ErrorReport>
     <WarningLevel>4</WarningLevel>
+    <Prefer32Bit>false</Prefer32Bit>
   </PropertyGroup>
   <PropertyGroup Condition="'$(Configuration)|$(Platform)' == 'Debug|x64'">
     <DebugSymbols>true</DebugSymbols>
@@ -60,6 +77,7 @@
     <PlatformTarget>x86</PlatformTarget>
     <ErrorReport>prompt</ErrorReport>
     <CodeAnalysisRuleSet>MinimumRecommendedRules.ruleset</CodeAnalysisRuleSet>
+    <Prefer32Bit>false</Prefer32Bit>
   </PropertyGroup>
   <PropertyGroup Condition="'$(Configuration)|$(Platform)' == 'Release|x86'">
     <OutputPath>bin\x86\Release\</OutputPath>
@@ -69,11 +87,13 @@
     <PlatformTarget>x86</PlatformTarget>
     <ErrorReport>prompt</ErrorReport>
     <CodeAnalysisRuleSet>MinimumRecommendedRules.ruleset</CodeAnalysisRuleSet>
+    <Prefer32Bit>false</Prefer32Bit>
   </PropertyGroup>
   <ItemGroup>
     <Reference Include="System" />
     <Reference Include="System.Configuration.Install" />
     <Reference Include="System.Core" />
+    <Reference Include="System.DirectoryServices.AccountManagement" />
     <Reference Include="System.Management" />
     <Reference Include="System.ServiceProcess" />
     <Reference Include="System.Xml.Linq" />
@@ -85,6 +105,7 @@
   <ItemGroup>
     <Compile Include="NetworkService.cs" />
     <Compile Include="OPFDictionary.cs" />
+    <Compile Include="OPFGroup.cs" />
     <Compile Include="Program.cs">
       <SubType>Component</SubType>
     </Compile>
@@ -111,6 +132,13 @@
       <DependentUpon>ProjectInstaller.cs</DependentUpon>
     </EmbeddedResource>
   </ItemGroup>
+  <ItemGroup>
+    <BootstrapperPackage Include="Microsoft.Net.Framework.3.5.SP1">
+      <Visible>False</Visible>
+      <ProductName>.NET Framework 3.5 SP1</ProductName>
+      <Install>true</Install>
+    </BootstrapperPackage>
+  </ItemGroup>
   <Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" />
   <!-- To modify your build process, add your task inside one of the targets below and uncomment it. 
        Other similar extension points exist, see Microsoft.Common.targets.
diff --git a/OPFService/OPFService.csproj.user b/OPFService/OPFService.csproj.user
new file mode 100644
index 0000000..8221333
--- /dev/null
+++ b/OPFService/OPFService.csproj.user
@@ -0,0 +1,13 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project ToolsVersion="14.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <PropertyGroup>
+    <PublishUrlHistory>publish\</PublishUrlHistory>
+    <InstallUrlHistory />
+    <SupportUrlHistory />
+    <UpdateUrlHistory />
+    <BootstrapperUrlHistory />
+    <ErrorReportUrlHistory />
+    <FallbackCulture>en-US</FallbackCulture>
+    <VerifyUploadedFiles>false</VerifyUploadedFiles>
+  </PropertyGroup>
+</Project>
\ No newline at end of file
diff --git a/OPFService/Program.cs b/OPFService/Program.cs
index 15bc417..ced5f5b 100644
--- a/OPFService/Program.cs
+++ b/OPFService/Program.cs
@@ -22,37 +22,39 @@
 using System.IO;
 
 namespace OPFService {
-    class OPFService : ServiceBase {
-        Thread worker;
-
-        public OPFService() {
-        }
-
-        static void Main(string[] args) {
-            ServiceBase.Run(new OPFService());
-        }
-
-        protected override void OnStart(string[] args) {
-            base.OnStart(args);
-            OPFDictionary d = new OPFDictionary(AppDomain.CurrentDomain.BaseDirectory + "\\opfmatch.txt", AppDomain.CurrentDomain.BaseDirectory + "opfcont.txt");
-            // OPFDictionary d = new OPFDictionary("c:\\windows\\system32\\opfmatch.txt", "c:\\windows\\system32\\opfcont.txt");
-            NetworkService svc = new NetworkService(d);
-            worker = new Thread(() => svc.main());
-            worker.Start();
-        }
-
-        protected override void OnShutdown() {
-            base.OnShutdown();
-            worker.Abort();
-        }
-
-        private void InitializeComponent()
-        {
-            // 
-            // OPFService
-            // 
-            this.ServiceName = "OPF";
-
-        }
+  class OPFService : ServiceBase {
+    Thread worker;
+
+    public OPFService() {
+    }
+
+    static void Main(string[] args) {
+      ServiceBase.Run(new OPFService());
+    }
+
+    protected override void OnStart(string[] args) {
+      base.OnStart(args);
+      OPFDictionary d = new OPFDictionary(
+          AppDomain.CurrentDomain.BaseDirectory + "\\opfmatch.txt",
+          AppDomain.CurrentDomain.BaseDirectory + "opfcont.txt",
+          AppDomain.CurrentDomain.BaseDirectory + "\\opfregex.txt");
+      OPFGroup g = new OPFGroup(AppDomain.CurrentDomain.BaseDirectory + "opfgroups.txt");  // restrict password filter to users in these groups.
+      NetworkService svc = new NetworkService(d, g);
+      worker = new Thread(() => svc.main());
+      worker.Start();
+    }
+
+    protected override void OnShutdown() {
+      base.OnShutdown();
+      worker.Abort();
+    }
+
+    private void InitializeComponent() {
+      // 
+      // OPFService
+      // 
+      this.ServiceName = "OPF";
+
     }
+  }
 }
diff --git a/OPFService/obj/x64/Release/DesignTimeResolveAssemblyReferences.cache b/OPFService/obj/x64/Release/DesignTimeResolveAssemblyReferences.cache
new file mode 100644
index 0000000..f784536
Binary files /dev/null and b/OPFService/obj/x64/Release/DesignTimeResolveAssemblyReferences.cache differ
diff --git a/OPFService/obj/x64/Release/DesignTimeResolveAssemblyReferencesInput.cache b/OPFService/obj/x64/Release/DesignTimeResolveAssemblyReferencesInput.cache
new file mode 100644
index 0000000..1a4863e
Binary files /dev/null and b/OPFService/obj/x64/Release/DesignTimeResolveAssemblyReferencesInput.cache differ
diff --git a/OPFService/obj/x64/Release/OPFService.OPFService.resources b/OPFService/obj/x64/Release/OPFService.OPFService.resources
new file mode 100644
index 0000000..6c05a97
Binary files /dev/null and b/OPFService/obj/x64/Release/OPFService.OPFService.resources differ
diff --git a/OPFService/obj/x64/Release/OPFService.ProjectInstaller.resources b/OPFService/obj/x64/Release/OPFService.ProjectInstaller.resources
new file mode 100644
index 0000000..6c05a97
Binary files /dev/null and b/OPFService/obj/x64/Release/OPFService.ProjectInstaller.resources differ
diff --git a/OPFService/obj/x64/Release/OPFService.csproj.FileListAbsolute.txt b/OPFService/obj/x64/Release/OPFService.csproj.FileListAbsolute.txt
new file mode 100644
index 0000000..664c85a
--- /dev/null
+++ b/OPFService/obj/x64/Release/OPFService.csproj.FileListAbsolute.txt
@@ -0,0 +1,9 @@
+C:\Users\cdebbo.KCDSB\Documents\GitHub\OpenPasswordFilter\x64\Release\OPFService.exe.config
+C:\Users\cdebbo.KCDSB\Documents\GitHub\OpenPasswordFilter\x64\Release\OPFService.exe
+C:\Users\cdebbo.KCDSB\Documents\GitHub\OpenPasswordFilter\x64\Release\OPFService.pdb
+C:\Users\cdebbo.KCDSB\Documents\GitHub\OpenPasswordFilter\OPFService\obj\x64\Release\OPFService.csprojResolveAssemblyReference.cache
+C:\Users\cdebbo.KCDSB\Documents\GitHub\OpenPasswordFilter\OPFService\obj\x64\Release\OPFService.OPFService.resources
+C:\Users\cdebbo.KCDSB\Documents\GitHub\OpenPasswordFilter\OPFService\obj\x64\Release\OPFService.ProjectInstaller.resources
+C:\Users\cdebbo.KCDSB\Documents\GitHub\OpenPasswordFilter\OPFService\obj\x64\Release\OPFService.csproj.GenerateResource.Cache
+C:\Users\cdebbo.KCDSB\Documents\GitHub\OpenPasswordFilter\OPFService\obj\x64\Release\OPFService.exe
+C:\Users\cdebbo.KCDSB\Documents\GitHub\OpenPasswordFilter\OPFService\obj\x64\Release\OPFService.pdb
diff --git a/OPFService/obj/x64/Release/OPFService.csproj.GenerateResource.Cache b/OPFService/obj/x64/Release/OPFService.csproj.GenerateResource.Cache
new file mode 100644
index 0000000..c004851
Binary files /dev/null and b/OPFService/obj/x64/Release/OPFService.csproj.GenerateResource.Cache differ
diff --git a/OPFService/obj/x64/Release/OPFService.csprojResolveAssemblyReference.cache b/OPFService/obj/x64/Release/OPFService.csprojResolveAssemblyReference.cache
new file mode 100644
index 0000000..a10d6fc
Binary files /dev/null and b/OPFService/obj/x64/Release/OPFService.csprojResolveAssemblyReference.cache differ
diff --git a/OPFService/obj/x64/Release/OPFService.exe b/OPFService/obj/x64/Release/OPFService.exe
new file mode 100644
index 0000000..c50abf3
Binary files /dev/null and b/OPFService/obj/x64/Release/OPFService.exe differ
diff --git a/OPFService/obj/x64/Release/OPFService.pdb b/OPFService/obj/x64/Release/OPFService.pdb
new file mode 100644
index 0000000..41b76b1
Binary files /dev/null and b/OPFService/obj/x64/Release/OPFService.pdb differ
diff --git a/OPFService/obj/x64/Release/TemporaryGeneratedFile_036C0B5B-1481-4323-8D20-8F5ADCB23D92.cs b/OPFService/obj/x64/Release/TemporaryGeneratedFile_036C0B5B-1481-4323-8D20-8F5ADCB23D92.cs
new file mode 100644
index 0000000..e69de29
diff --git a/OPFService/obj/x64/Release/TemporaryGeneratedFile_5937a670-0e60-4077-877b-f7221da3dda1.cs b/OPFService/obj/x64/Release/TemporaryGeneratedFile_5937a670-0e60-4077-877b-f7221da3dda1.cs
new file mode 100644
index 0000000..e69de29
diff --git a/OPFService/obj/x64/Release/TemporaryGeneratedFile_E7A71F73-0F8D-4B9B-B56E-8E70B10BC5D3.cs b/OPFService/obj/x64/Release/TemporaryGeneratedFile_E7A71F73-0F8D-4B9B-B56E-8E70B10BC5D3.cs
new file mode 100644
index 0000000..e69de29
diff --git a/OPFTest/OPFTest.cpp b/OPFTest/OPFTest.cpp
index 104811f..3656ede 100644
--- a/OPFTest/OPFTest.cpp
+++ b/OPFTest/OPFTest.cpp
@@ -32,16 +32,18 @@ int _tmain(int argc, _TCHAR* argv[])
 {
 	WSADATA wsa;
 	PUNICODE_STRING pwd;
+	PUNICODE_STRING username;
 
 	pwd = (PUNICODE_STRING) malloc(sizeof(PUNICODE_STRING));
+	username = (PUNICODE_STRING)malloc(sizeof(PUNICODE_STRING));
 
 	printf("\n");
 	printf("----------------------------------------------------------------------\n");
 	printf("Test program for OpenPasswordFilter.dll (Josh Stone, yakovdk@gmail.com)\n");
 	printf("----------------------------------------------------------------------\n");
 	printf("\n");
-	if (argc < 2) {
-		printf("usage: opftest <password>\n");
+	if (argc < 3) {
+		printf("usage: opftest <username> <password>\n");
 		return 2;
 	}
 
@@ -63,11 +65,15 @@ int _tmain(int argc, _TCHAR* argv[])
 			if (PasswordFilter == NULL) {
 				return 1;
 			}
-			wprintf(L"Testing password %s...", argv[1]);
-			pwd->Length = wcslen(argv[1]) * sizeof(WCHAR);
-			pwd->MaximumLength = wcslen(argv[1]) * sizeof(WCHAR);
-			pwd->Buffer = argv[1];
-			if (PasswordFilter(pwd, pwd, pwd, 1)) {
+			wprintf(L"Testing username %s and password %s...", argv[1], argv[2]);
+			username->Length = wcslen(argv[1]) * sizeof(WCHAR);
+			username->MaximumLength = wcslen(argv[1]) * sizeof(WCHAR);
+			username->Buffer = argv[1];
+
+			pwd->Length = wcslen(argv[2]) * sizeof(WCHAR);
+			pwd->MaximumLength = wcslen(argv[2]) * sizeof(WCHAR);
+			pwd->Buffer = argv[2];
+			if (PasswordFilter(username, pwd, pwd, 1)) {
 				printf("success.\n");
 			}
 			else {
diff --git a/OPFTest/x64/Release/OPFTest.Build.CppClean.log b/OPFTest/x64/Release/OPFTest.Build.CppClean.log
deleted file mode 100644
index 8329901..0000000
--- a/OPFTest/x64/Release/OPFTest.Build.CppClean.log
+++ /dev/null
@@ -1,11 +0,0 @@
-c:\users\josh stone\documents\visual studio 2013\projects\openpasswordfilter\opftest\x64\release\vc120.pdb
-c:\users\josh stone\documents\visual studio 2013\projects\openpasswordfilter\opftest\x64\release\stdafx.obj
-c:\users\josh stone\documents\visual studio 2013\projects\openpasswordfilter\opftest\x64\release\opftest.obj
-c:\users\josh stone\documents\visual studio 2013\projects\openpasswordfilter\x64\release\opftest.exe
-c:\users\josh stone\documents\visual studio 2013\projects\openpasswordfilter\x64\release\opftest.pdb
-c:\users\josh stone\documents\visual studio 2013\projects\openpasswordfilter\opftest\x64\release\opftest.tlog\cl.command.1.tlog
-c:\users\josh stone\documents\visual studio 2013\projects\openpasswordfilter\opftest\x64\release\opftest.tlog\cl.read.1.tlog
-c:\users\josh stone\documents\visual studio 2013\projects\openpasswordfilter\opftest\x64\release\opftest.tlog\cl.write.1.tlog
-c:\users\josh stone\documents\visual studio 2013\projects\openpasswordfilter\opftest\x64\release\opftest.tlog\link.command.1.tlog
-c:\users\josh stone\documents\visual studio 2013\projects\openpasswordfilter\opftest\x64\release\opftest.tlog\link.read.1.tlog
-c:\users\josh stone\documents\visual studio 2013\projects\openpasswordfilter\opftest\x64\release\opftest.tlog\link.write.1.tlog
diff --git a/OPFTest/x64/Release/OPFTest.log b/OPFTest/x64/Release/OPFTest.log
new file mode 100644
index 0000000..5e7b748
--- /dev/null
+++ b/OPFTest/x64/Release/OPFTest.log
@@ -0,0 +1,15 @@
+  OPFTest.cpp
+OPFTest.cpp(69): warning C4267: '=': conversion from 'size_t' to 'USHORT', possible loss of data
+OPFTest.cpp(70): warning C4267: '=': conversion from 'size_t' to 'USHORT', possible loss of data
+OPFTest.cpp(73): warning C4267: '=': conversion from 'size_t' to 'USHORT', possible loss of data
+OPFTest.cpp(74): warning C4267: '=': conversion from 'size_t' to 'USHORT', possible loss of data
+OPFTest.cpp(60): warning C4477: 'printf' : format string '%08x' requires an argument of type 'unsigned int', but variadic argument 1 has type 'HMODULE'
+OPFTest.cpp(60): warning C4313: 'printf': '%x' in format string conflicts with argument 1 of type 'HMODULE'
+OPFTest.cpp(64): warning C4477: 'printf' : format string '%08x' requires an argument of type 'unsigned int', but variadic argument 1 has type 'PasswordFilter_t'
+OPFTest.cpp(64): warning C4313: 'printf': '%x' in format string conflicts with argument 1 of type 'PasswordFilter_t'
+  stdafx.cpp
+  Generating code
+  All 8 functions were compiled because no usable IPDB/IOBJ from previous compilation was found.
+  Finished generating code
+  OPFTest.vcxproj -> C:\Users\cdebbo.KCDSB\Documents\GitHub\OpenPasswordFilter\x64\Release\OPFTest.exe
+  OPFTest.vcxproj -> C:\Users\cdebbo.KCDSB\Documents\GitHub\OpenPasswordFilter\x64\Release\OPFTest.pdb (Full PDB)
diff --git a/OPFTest/x64/Release/OPFTest.obj b/OPFTest/x64/Release/OPFTest.obj
new file mode 100644
index 0000000..9cac514
Binary files /dev/null and b/OPFTest/x64/Release/OPFTest.obj differ
diff --git a/OPFTest/x64/Release/OPFTest.tlog/CL.command.1.tlog b/OPFTest/x64/Release/OPFTest.tlog/CL.command.1.tlog
new file mode 100644
index 0000000..2d8e432
Binary files /dev/null and b/OPFTest/x64/Release/OPFTest.tlog/CL.command.1.tlog differ
diff --git a/OPFTest/x64/Release/OPFTest.tlog/CL.read.1.tlog b/OPFTest/x64/Release/OPFTest.tlog/CL.read.1.tlog
new file mode 100644
index 0000000..a0e0ccc
Binary files /dev/null and b/OPFTest/x64/Release/OPFTest.tlog/CL.read.1.tlog differ
diff --git a/OPFTest/x64/Release/OPFTest.tlog/CL.write.1.tlog b/OPFTest/x64/Release/OPFTest.tlog/CL.write.1.tlog
new file mode 100644
index 0000000..739a379
Binary files /dev/null and b/OPFTest/x64/Release/OPFTest.tlog/CL.write.1.tlog differ
diff --git a/OPFTest/x64/Release/OPFTest.tlog/OPFTest.lastbuildstate b/OPFTest/x64/Release/OPFTest.tlog/OPFTest.lastbuildstate
new file mode 100644
index 0000000..0d41253
--- /dev/null
+++ b/OPFTest/x64/Release/OPFTest.tlog/OPFTest.lastbuildstate
@@ -0,0 +1,2 @@
+#TargetFrameworkVersion=v4.0:PlatformToolSet=v140:EnableManagedIncrementalBuild=false:VCToolArchitecture=Native32Bit:WindowsTargetPlatformVersion=8.1
+Release|x64|C:\Users\cdebbo.KCDSB\Documents\GitHub\OpenPasswordFilter\|
diff --git a/OPFTest/x64/Release/OPFTest.tlog/link.command.1.tlog b/OPFTest/x64/Release/OPFTest.tlog/link.command.1.tlog
new file mode 100644
index 0000000..7cd14e8
Binary files /dev/null and b/OPFTest/x64/Release/OPFTest.tlog/link.command.1.tlog differ
diff --git a/OPFTest/x64/Release/OPFTest.tlog/link.read.1.tlog b/OPFTest/x64/Release/OPFTest.tlog/link.read.1.tlog
new file mode 100644
index 0000000..ebcdfec
Binary files /dev/null and b/OPFTest/x64/Release/OPFTest.tlog/link.read.1.tlog differ
diff --git a/OPFTest/x64/Release/OPFTest.tlog/link.write.1.tlog b/OPFTest/x64/Release/OPFTest.tlog/link.write.1.tlog
new file mode 100644
index 0000000..8a1b271
Binary files /dev/null and b/OPFTest/x64/Release/OPFTest.tlog/link.write.1.tlog differ
diff --git a/OPFTest/x64/Release/stdafx.obj b/OPFTest/x64/Release/stdafx.obj
new file mode 100644
index 0000000..2835ca5
Binary files /dev/null and b/OPFTest/x64/Release/stdafx.obj differ
diff --git a/OPFTest/x64/Release/vc140.pdb b/OPFTest/x64/Release/vc140.pdb
new file mode 100644
index 0000000..9cf2749
Binary files /dev/null and b/OPFTest/x64/Release/vc140.pdb differ
diff --git a/OpenPasswordFilter.VC.db b/OpenPasswordFilter.VC.db
new file mode 100644
index 0000000..edf9a84
Binary files /dev/null and b/OpenPasswordFilter.VC.db differ
diff --git a/OpenPasswordFilter/dllmain.cpp b/OpenPasswordFilter/dllmain.cpp
index 77f70d0..4f3957d 100644
--- a/OpenPasswordFilter/dllmain.cpp
+++ b/OpenPasswordFilter/dllmain.cpp
@@ -86,31 +86,38 @@ PasswordChangeNotify(PUNICODE_STRING *UserName,
 //
 //    <connect>
 //    client:   test\n
-//    client:   Password1\n
+//    client:   AccountName\nPassword1\n
 //    server:   false\n
 //    <disconnect>
 //
 
-BOOLEAN askServer(SOCKET sock, PUNICODE_STRING Password) {
-	char buffer[1024];
+BOOLEAN askServer(SOCKET sock, PUNICODE_STRING AccountName, PUNICODE_STRING Password) {
+	char buffer[1024], pbuffer[1024];
 	char *preamble = "test\n";
-	int i;
+	int ui, pi, i;
 
 	i = send(sock, preamble, (int)strlen(preamble), 0);
 	if (i != SOCKET_ERROR) {
-		int length = Password->Length / sizeof(WCHAR);
-		if (length + 2 < sizeof(buffer)) {
-			i = wcstombs(buffer, Password->Buffer, length);
-			buffer[i] = '\n';
-			buffer[i + 1] = '\0';
+		// +4 for separator and null (really username\npassword\n\0 after strcat)
+		int length = Password->Length / sizeof(WCHAR) + AccountName->Length / sizeof(WCHAR) + 4; 
+		if (length < sizeof(buffer)) {
+			ui = wcstombs(buffer, AccountName->Buffer, AccountName->Length / sizeof(WCHAR));
+			buffer[ui] = '\n';
+			buffer[ui + 1] = '\0';
+			pi = wcstombs(pbuffer, Password->Buffer, Password->Length / sizeof(WCHAR));
+			pbuffer[pi] = '\n';
+			pbuffer[pi + 1] = '\0';
+			strcat_s(buffer, 1024, pbuffer);
+			SecureZeroMemory(pbuffer, pi);
 			i = send(sock, buffer, (int)strlen(buffer), 0);
+			SecureZeroMemory(buffer, length);
 			if (i != SOCKET_ERROR) {
 				i = recv(sock, buffer, sizeof(buffer), 0);
 				if (i > 0 && buffer[0] == 'f') {
 					return FALSE;
 				}
 			}
-		}
+		} // else: buffer overflow...
 	}
 
 	return TRUE;
@@ -163,7 +170,7 @@ extern "C" __declspec(dllexport) BOOLEAN __stdcall PasswordFilter(PUNICODE_STRIN
 		}
 
 		if (sock != INVALID_SOCKET) {
-			retval = askServer(sock, Password);
+			retval = askServer(sock, AccountName, Password);
 			closesocket(sock);
 		}
 	}
diff --git a/OpenPasswordFilter/x64/Release/OpenPass.C07FD07A.tlog/CL.command.1.tlog b/OpenPasswordFilter/x64/Release/OpenPass.C07FD07A.tlog/CL.command.1.tlog
new file mode 100644
index 0000000..f2a8e9c
Binary files /dev/null and b/OpenPasswordFilter/x64/Release/OpenPass.C07FD07A.tlog/CL.command.1.tlog differ
diff --git a/OpenPasswordFilter/x64/Release/OpenPass.C07FD07A.tlog/CL.read.1.tlog b/OpenPasswordFilter/x64/Release/OpenPass.C07FD07A.tlog/CL.read.1.tlog
new file mode 100644
index 0000000..80cc93a
Binary files /dev/null and b/OpenPasswordFilter/x64/Release/OpenPass.C07FD07A.tlog/CL.read.1.tlog differ
diff --git a/OpenPasswordFilter/x64/Release/OpenPass.C07FD07A.tlog/CL.write.1.tlog b/OpenPasswordFilter/x64/Release/OpenPass.C07FD07A.tlog/CL.write.1.tlog
new file mode 100644
index 0000000..94e634e
Binary files /dev/null and b/OpenPasswordFilter/x64/Release/OpenPass.C07FD07A.tlog/CL.write.1.tlog differ
diff --git a/OpenPasswordFilter/x64/Release/OpenPass.C07FD07A.tlog/OpenPasswordFilter.lastbuildstate b/OpenPasswordFilter/x64/Release/OpenPass.C07FD07A.tlog/OpenPasswordFilter.lastbuildstate
new file mode 100644
index 0000000..0d41253
--- /dev/null
+++ b/OpenPasswordFilter/x64/Release/OpenPass.C07FD07A.tlog/OpenPasswordFilter.lastbuildstate
@@ -0,0 +1,2 @@
+#TargetFrameworkVersion=v4.0:PlatformToolSet=v140:EnableManagedIncrementalBuild=false:VCToolArchitecture=Native32Bit:WindowsTargetPlatformVersion=8.1
+Release|x64|C:\Users\cdebbo.KCDSB\Documents\GitHub\OpenPasswordFilter\|
diff --git a/OpenPasswordFilter/x64/Release/OpenPass.C07FD07A.tlog/OpenPasswordFilter.write.1u.tlog b/OpenPasswordFilter/x64/Release/OpenPass.C07FD07A.tlog/OpenPasswordFilter.write.1u.tlog
new file mode 100644
index 0000000..3eff1bc
Binary files /dev/null and b/OpenPasswordFilter/x64/Release/OpenPass.C07FD07A.tlog/OpenPasswordFilter.write.1u.tlog differ
diff --git a/OpenPasswordFilter/x64/Release/OpenPass.C07FD07A.tlog/link.command.1.tlog b/OpenPasswordFilter/x64/Release/OpenPass.C07FD07A.tlog/link.command.1.tlog
new file mode 100644
index 0000000..3c7bdab
Binary files /dev/null and b/OpenPasswordFilter/x64/Release/OpenPass.C07FD07A.tlog/link.command.1.tlog differ
diff --git a/OpenPasswordFilter/x64/Release/OpenPass.C07FD07A.tlog/link.read.1.tlog b/OpenPasswordFilter/x64/Release/OpenPass.C07FD07A.tlog/link.read.1.tlog
new file mode 100644
index 0000000..48b3b85
Binary files /dev/null and b/OpenPasswordFilter/x64/Release/OpenPass.C07FD07A.tlog/link.read.1.tlog differ
diff --git a/OpenPasswordFilter/x64/Release/OpenPass.C07FD07A.tlog/link.write.1.tlog b/OpenPasswordFilter/x64/Release/OpenPass.C07FD07A.tlog/link.write.1.tlog
new file mode 100644
index 0000000..3899bcc
Binary files /dev/null and b/OpenPasswordFilter/x64/Release/OpenPass.C07FD07A.tlog/link.write.1.tlog differ
diff --git a/OpenPasswordFilter/x64/Release/OpenPasswordFilter.log b/OpenPasswordFilter/x64/Release/OpenPasswordFilter.log
new file mode 100644
index 0000000..c92bed7
--- /dev/null
+++ b/OpenPasswordFilter/x64/Release/OpenPasswordFilter.log
@@ -0,0 +1,16 @@
+  stdafx.cpp
+  dllmain.cpp
+dllmain.cpp(48): warning C4101: 'wsa': unreferenced local variable
+dllmain.cpp(104): warning C4267: '=': conversion from 'size_t' to 'int', possible loss of data
+dllmain.cpp(107): warning C4267: '=': conversion from 'size_t' to 'int', possible loss of data
+dllmain.cpp(104): warning C4996: 'wcstombs': This function or variable may be unsafe. Consider using wcstombs_s instead. To disable deprecation, use _CRT_SECURE_NO_WARNINGS. See online help for details.
+  C:\Program Files (x86)\Windows Kits\10\Include\10.0.10240.0\ucrt\stdlib.h(1008): note: see declaration of 'wcstombs'
+dllmain.cpp(107): warning C4996: 'wcstombs': This function or variable may be unsafe. Consider using wcstombs_s instead. To disable deprecation, use _CRT_SECURE_NO_WARNINGS. See online help for details.
+  C:\Program Files (x86)\Windows Kits\10\Include\10.0.10240.0\ucrt\stdlib.h(1008): note: see declaration of 'wcstombs'
+  OpenPasswordFilter.cpp
+     Creating library C:\Users\cdebbo.KCDSB\Documents\GitHub\OpenPasswordFilter\x64\Release\OpenPasswordFilter.lib and object C:\Users\cdebbo.KCDSB\Documents\GitHub\OpenPasswordFilter\x64\Release\OpenPasswordFilter.exp
+  Generating code
+  All 6 functions were compiled because no usable IPDB/IOBJ from previous compilation was found.
+  Finished generating code
+  OpenPasswordFilter.vcxproj -> C:\Users\cdebbo.KCDSB\Documents\GitHub\OpenPasswordFilter\x64\Release\OpenPasswordFilter.dll
+  OpenPasswordFilter.vcxproj -> C:\Users\cdebbo.KCDSB\Documents\GitHub\OpenPasswordFilter\x64\Release\OpenPasswordFilter.pdb (Full PDB)
diff --git a/OpenPasswordFilter/x64/Release/OpenPasswordFilter.obj b/OpenPasswordFilter/x64/Release/OpenPasswordFilter.obj
new file mode 100644
index 0000000..a834497
Binary files /dev/null and b/OpenPasswordFilter/x64/Release/OpenPasswordFilter.obj differ
diff --git a/OpenPasswordFilter/x64/Release/OpenPasswordFilter.pch b/OpenPasswordFilter/x64/Release/OpenPasswordFilter.pch
new file mode 100644
index 0000000..ee89777
Binary files /dev/null and b/OpenPasswordFilter/x64/Release/OpenPasswordFilter.pch differ
diff --git a/OpenPasswordFilter/x64/Release/dllmain.obj b/OpenPasswordFilter/x64/Release/dllmain.obj
new file mode 100644
index 0000000..bbeef0b
Binary files /dev/null and b/OpenPasswordFilter/x64/Release/dllmain.obj differ
diff --git a/OpenPasswordFilter/x64/Release/stdafx.obj b/OpenPasswordFilter/x64/Release/stdafx.obj
new file mode 100644
index 0000000..408a9a7
Binary files /dev/null and b/OpenPasswordFilter/x64/Release/stdafx.obj differ
diff --git a/OpenPasswordFilter/x64/Release/vc140.pdb b/OpenPasswordFilter/x64/Release/vc140.pdb
new file mode 100644
index 0000000..b5c2a36
Binary files /dev/null and b/OpenPasswordFilter/x64/Release/vc140.pdb differ
diff --git a/README.md b/README.md
index eb7df7c..fb971df 100644
--- a/README.md
+++ b/README.md
@@ -54,8 +54,27 @@ Next, you will want to configure the OPF service.  You can do so as follows:
 
     > sc create OPF binPath= <full path to exe>\opfservice.exe start= boot
 
-Finally, create two dictionary files in the same directory where you placed opfservice.exe named `opfmatch.txt` and
-`opfcont.txt`.  These should contain one forbidden password per line, such as:
+You can then start or stop the OPF service from the command line (as an administrator) with:
+    
+    > NET START OPF
+
+or
+
+    > NET STOP OPF
+
+When the service is stopped, the various opf dictionary files can be updated.
+
+
+Finally, create several dictionary files in the same directory where you placed opfservice.exe.
+
+These are
+- `opfmatch.txt`
+- `opfcont.txt`
+- `opfregex.txt`
+- `opfgroups.txt`
+
+### opfmatch.txt and opfcont.txt
+These should contain one forbidden password per line, such as:
 
     Password1
     Password2
@@ -84,6 +103,16 @@ Or you can skip all this and use one of the installers.
    
    https://github.com/brockrob/OpenPasswordFilter/raw/master/OPFInstaller_x86.zip
 
+### opfregex.txt
+Similar to the opfmatch and opfconf files, include here regular expression - one per line - for invalid passwords. Example, including 'xx.*xx' will catch all passwords that have two x's followed by any text followed by two x's. Keep this list short as regular expression matching is more computationally expensive than simple matching or contains searches.
+
+### opfgroups.txt
+This file contains zero or more Active-Directory group names - one per line. These can be security or distribution groups. A user is considered to be in a group if they are a descendent child of the group. A user's password will only be checked if the user is a member of any group listed in this file. If the file is present but contains no groups then every user will be checked.
+
+## Event Logging
+The opfservice.exe application logs to the Application Event Log using codes 100, and 101. Searching the event log will identify what the opfservice is checking.
+
+## Production Installation Details
 The filter DLL bitness must match the OS, so choose correctly. .Net 3.5
 is still required and the installer won't handle installing it for you because Visual Studio packaging a bootstrap package for
 that version has been broken since 2008 and I didn't have the patience to roll a custom action to test the OS version and go
@@ -97,4 +126,3 @@ I've seen people base passwords on as well as some terms relevant to my environm
 If all has gone well, reboot your DC and test by using the normal GUI password reset function to choose a password that is on
 your forbidden list.
 
-
diff --git a/UpgradeLog.htm b/UpgradeLog.htm
new file mode 100644
index 0000000..eb2bf3a
Binary files /dev/null and b/UpgradeLog.htm differ
diff --git a/ipch/OPENPASSWORDFILTER-a2d6ed37/OPENPASSWORDFILTER-db654eaf.ipch b/ipch/OPENPASSWORDFILTER-a2d6ed37/OPENPASSWORDFILTER-db654eaf.ipch
new file mode 100644
index 0000000..ee67e9a
Binary files /dev/null and b/ipch/OPENPASSWORDFILTER-a2d6ed37/OPENPASSWORDFILTER-db654eaf.ipch differ
diff --git a/x64/Release/OPFService.exe b/x64/Release/OPFService.exe
new file mode 100644
index 0000000..c50abf3
Binary files /dev/null and b/x64/Release/OPFService.exe differ
diff --git a/x64/Release/OPFService.exe.config b/x64/Release/OPFService.exe.config
new file mode 100644
index 0000000..8d9f953
--- /dev/null
+++ b/x64/Release/OPFService.exe.config
@@ -0,0 +1,6 @@
+<?xml version="1.0" encoding="utf-8"?>
+<configuration>
+    <startup> 
+        
+    <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.5.2"/></startup>
+</configuration>
diff --git a/x64/Release/OPFService.pdb b/x64/Release/OPFService.pdb
new file mode 100644
index 0000000..41b76b1
Binary files /dev/null and b/x64/Release/OPFService.pdb differ
diff --git a/x64/Release/OPFService.vshost.exe b/x64/Release/OPFService.vshost.exe
new file mode 100644
index 0000000..8f90da4
Binary files /dev/null and b/x64/Release/OPFService.vshost.exe differ
diff --git a/x64/Release/OPFService.vshost.exe.config b/x64/Release/OPFService.vshost.exe.config
new file mode 100644
index 0000000..8d9f953
--- /dev/null
+++ b/x64/Release/OPFService.vshost.exe.config
@@ -0,0 +1,6 @@
+<?xml version="1.0" encoding="utf-8"?>
+<configuration>
+    <startup> 
+        
+    <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.5.2"/></startup>
+</configuration>
diff --git a/x64/Release/OPFService.vshost.exe.manifest b/x64/Release/OPFService.vshost.exe.manifest
new file mode 100644
index 0000000..061c9ca
--- /dev/null
+++ b/x64/Release/OPFService.vshost.exe.manifest
@@ -0,0 +1,11 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
+  <assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
+  <trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
+    <security>
+      <requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
+        <requestedExecutionLevel level="asInvoker" uiAccess="false"/>
+      </requestedPrivileges>
+    </security>
+  </trustInfo>
+</assembly>
diff --git a/x64/Release/OPFTest.exe b/x64/Release/OPFTest.exe
new file mode 100644
index 0000000..349c017
Binary files /dev/null and b/x64/Release/OPFTest.exe differ
diff --git a/x64/Release/OPFTest.iobj b/x64/Release/OPFTest.iobj
new file mode 100644
index 0000000..5605a48
Binary files /dev/null and b/x64/Release/OPFTest.iobj differ
diff --git a/x64/Release/OPFTest.ipdb b/x64/Release/OPFTest.ipdb
new file mode 100644
index 0000000..f164851
Binary files /dev/null and b/x64/Release/OPFTest.ipdb differ
diff --git a/x64/Release/OPFTest.pdb b/x64/Release/OPFTest.pdb
new file mode 100644
index 0000000..adfa9e7
Binary files /dev/null and b/x64/Release/OPFTest.pdb differ
diff --git a/x64/Release/OpenPasswordFilter.dll b/x64/Release/OpenPasswordFilter.dll
new file mode 100644
index 0000000..c4f60b6
Binary files /dev/null and b/x64/Release/OpenPasswordFilter.dll differ
diff --git a/x64/Release/OpenPasswordFilter.exp b/x64/Release/OpenPasswordFilter.exp
new file mode 100644
index 0000000..a7ec1d5
Binary files /dev/null and b/x64/Release/OpenPasswordFilter.exp differ
diff --git a/x64/Release/OpenPasswordFilter.iobj b/x64/Release/OpenPasswordFilter.iobj
new file mode 100644
index 0000000..903cf57
Binary files /dev/null and b/x64/Release/OpenPasswordFilter.iobj differ
diff --git a/x64/Release/OpenPasswordFilter.ipdb b/x64/Release/OpenPasswordFilter.ipdb
new file mode 100644
index 0000000..eb78c30
Binary files /dev/null and b/x64/Release/OpenPasswordFilter.ipdb differ
diff --git a/x64/Release/OpenPasswordFilter.lib b/x64/Release/OpenPasswordFilter.lib
new file mode 100644
index 0000000..f95f35e
Binary files /dev/null and b/x64/Release/OpenPasswordFilter.lib differ
diff --git a/x64/Release/OpenPasswordFilter.pdb b/x64/Release/OpenPasswordFilter.pdb
new file mode 100644
index 0000000..e437559
Binary files /dev/null and b/x64/Release/OpenPasswordFilter.pdb differ