Force all domain users to change password at next login...

medium_grade
medium_grade used Ask the Experts™
on
I am currently running an NT 4 domain.


Is there any way to force all users on a domain to change their passwords on the next login without flagging that property manually for each account? Ideally without having to buy any 3rd-party software.
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Top Expert 2007
Commented:
I think this can be done using the NT User account settings, where you change the time outs and retrys.

I hope this helps !
Commented:
Hello,
I have some ideas but we need to try it on a small scale first becuase I can't test this
paste this into a text file and save it with a .vbs extension
Please run this from an adminsitrator account or one which you know has the privileges to do this

'!!!!! Begin Copy
'!!!!! Only replace the capitalized words
Set objUser = GetObject("WinNT://YOURDOMAIN/TESTUSER", user)
objUser.Put "PasswordExpired", CLng(1)
objUser.SetInfo
'!!!!! End Copy

If that doesn't work try this: ( I think this is 2000 specific)

'!!!!! Begin Copy
'!!!!! Only replace the capitalized words
Set objUser = GetObject("WinNT://YOURDOMAIN/TESTUSER", user)
objUser.Put "pwdLastSet", 0
objUser.SetInfo
'!!!!! End Copy

Commented:
Now if one of those worked then copy and paste the following code into a text file
and save it with a .vbs extension. Please note my comments first

'!!!!! Begin Copy
' Bind to the domain.
Set objDomain = GetObject("WinNT:// YOURDOMAIN")

' Filter on user objects.
objDomain.Filter = Array("user")

' Enumerate all users.
For Each objUser In objDomain
'!!!!! Change this line below depending upon which script worked
'!!!!!  if the 1st script worked then leave this alone
'!!!!! If the 2nd script worked then change objUser.Put "PasswordExpired", CLng(1)  to objUser.Put "pwdLastSet", 0
objUser.Put "PasswordExpired", CLng(1)
objUser.SetInfo

Next
'!!!!! End Copy

Hope this helps!
Commented:
The easiest way to do this would be to download dameware. (http:\\www.dameware.com). It allows you to select all your users and make changes in mass quantities. (make ev1 change their password). By the way they have a 30 day eval.

Thanks

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial