?
Solved

Password Never Expires greyed out

Posted on 2003-03-15
13
Medium Priority
?
528 Views
Last Modified: 2010-08-05
Hey all. We've got an issue that is causing security alerts and are trying to figure this out.

The server was a member server before. The administrator account was set to "password never expires". After using DCPROMO and promoting it to DC in a new domain, the "password never expires" check box is now greyed out, but is still checked. We are in need of unchecking this box but cannot figure out how to do it. Anyone have this issue and solve it?

Thanks for your help.

Art
0
Comment
Question by:arthurfl
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 3
  • 3
  • +1
13 Comments
 
LVL 26

Expert Comment

by:Vahik
ID: 8147078
I hope this would help

   There is no issue to be solve that is build in and default administrator that window 2000 creates and that box is always grayed out .If u want u could create another administrator with same membership and that one u could have that option. U could also right click on the administrator and press reset the password if u want.
0
 

Author Comment

by:arthurfl
ID: 8147139
Hey Vahik.  Thanks for the response.  What confuses me is that the administrator account is NOT greyed out if it is not on a domain controller.  It's only a local domain controller that greys out that button.  Any suggestions?

Thanks,
Art
0
 
LVL 26

Expert Comment

by:Vahik
ID: 8147196
there is only one DC there  is no such thing as local domain controller and they all have the same default unless u create another admin with same permissins and membership and u delete the origional one.
But I would only suggest renaming that administrator instead.
0
What Is Blockchain Technology?

Blockchain is a technology that underpins the success of Bitcoin and other digital currencies, but it has uses far beyond finance. Learn how blockchain works and why it is proving disruptive to other areas of IT.

 

Author Comment

by:arthurfl
ID: 8147260
Hey Vahik.  Thanks for the response.  What confuses me is that the administrator account is NOT greyed out if it is not on a domain controller.  It's only a local domain controller that greys out that button.  Any suggestions?

Thanks,
Art
0
 

Author Comment

by:arthurfl
ID: 8147262
Hey there....what I mean by local domain controller is the local administrator account ON the domain controller for the domain.  I was hoping there was some registry setting where we could uncheck that box cause even renaming the account or changing permissions will still through that security alert of having a password that doesn't expire.

Thanks again,
Art
0
 
LVL 26

Expert Comment

by:Vahik
ID: 8147324
usualy companies make the administrator passwords very complex so they dont want to change the password every day unless they have to they do it manualy by reseting the password .specially  they dont want someone to apply a policy to screw up administrators password  But like I said u could create a name with same mambership and permissions and delete that one if u want.
0
 
LVL 2

Accepted Solution

by:
matguy earned 150 total points
ID: 8148720
Probably the biggest reason I can see to have that greyed out is for protection of the Administrator password in a multi-admin setting.  You want your password changes to be a collaberated event so all have the correct information, not a spur of the moment system warning reply. Any other passowrd in the system can be replaced by the administrator account, but if there is only one administrator account and the administrators are locked out of it the system quickly becomes useless.

It's a safeguard to keep the Administrator account working.
0
 

Author Comment

by:arthurfl
ID: 8151391
Hey there.  It's starting to look like that there is nothing we can do about getting that box greyed out.  Vahik's idea of changing the name (which we've done) and applying different permissions may be the only way to go.  It won't stop the security alerts (box still checked), but at least they alerts will be uselss because it's an account with no privs.  If anyone does have a certain idea how to ungrey that box, keep the ideas coming.

Thanks,
Art
0
 
LVL 2

Expert Comment

by:matguy
ID: 8153305
I don't understand what's causing the security alerts, with the box checked it shouldn't ask for the password to be changed.  Is it some other application that's surveying your security that's giving you this alert?
0
 

Author Comment

by:arthurfl
ID: 8153860
Hey there.  Yes, it's a third party application that scans all our boxes and looks for things like that.  So we either uncheck that box somehow (which is my preference), or we have them stop scanning for that issue.  I'd rather have it unchecked as we want them to continue to scan for that.

Art
0
 

Author Comment

by:arthurfl
ID: 8153863
Hey there.  Yes, it's a third party application that scans all our boxes and looks for things like that.  So we either uncheck that box somehow (which is my preference), or we have them stop scanning for that issue.  I'd rather have it unchecked as we want them to continue to scan for that.

Art
0
 
LVL 2

Expert Comment

by:matguy
ID: 8154247
Well, instead of changing a safeguard that could lock you out of your domain controler, I would contact the third party software maker and see if there's a way you can set it to not check for the expired pasword setting on the domain controler only (being you can't, and really shouldn't if you could turn it on anyway.)
0
 
LVL 5

Expert Comment

by:cempasha
ID: 8598042
This question is still open and getting old. If any of the comment(s) above helped you please accept it as an answer or split the points who ever helped you in this question. Your attention in finalising this question is very much appreciated. Thanks in advance,

****** PLEASE DO NOT ACCEPT THIS AS AN ANSWER ********

- If you would like to close this question and have your points refunded, please post a question in community support area on http://www.experts-exchange.com/Community_Support/ giving the address of this question. Thank you      

Pasha

Cleanup Volunteer


0

Featured Post

Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
This month, Experts Exchange’s free Course of the Month is focused on CompTIA IT Fundamentals.
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…
In this video, Percona Director of Solution Engineering Jon Tobin discusses the function and features of Percona Server for MongoDB. How Percona can help Percona can help you determine if Percona Server for MongoDB is the right solution for …
Suggested Courses

801 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question