Solved

Windows 2000 Domain Password Notification settings...

Posted on 2003-11-18
7
867 Views
Last Modified: 2010-04-13
Just joined this site, excellent resource...  On behalf of all those seeking answers, thank you to all those who contribute them!

Now to my question (I'm sure the first of many)...

In our Windows 2000 Domain, users are offered notification that they have 14 days to change their password ( our policy requires users to have to change the password every 30 days).  We find this to be a nuissance and wonder if there is anyway to change the notification value down to say 3 days.  The only thing I've played with in Group Policy is the Minimum Password Age and it makes no difference what value it is.

Thanks,
John
0
Comment
Question by:djhath
  • 3
  • 3
7 Comments
 
LVL 22

Accepted Solution

by:
Christopher McKay earned 250 total points
ID: 9774059
Hi djhath,
On your Domain controller, do this:

Click Start,
Click Programs,
Click Administrative Tools,
Click Domain Security Policy,
Select The "Local Policies"
Select "Security Options"
Browse to the "Prompt User To Change Password Before Expiration" entry.
Change the amount of time to whatever you wish.

Hope this helps!

:o)

Bartender_1
0
 
LVL 15

Expert Comment

by:Rob Stone
ID: 9778070
Bartenders right.  If you do it with a client then the domain gpo will overwrite the client so do on the ad server to send it to everyone.
0
 
LVL 3

Author Comment

by:djhath
ID: 9778101
Thank you both for your information.  I will be attempting this as soon as I get into work this morning and will comment back with the results.

John
0
Simplifying Server Workload Migrations

This use case outlines the migration challenges that organizations face and how the Acronis AnyData Engine supports physical-to-physical (P2P), physical-to-virtual (P2V), virtual to physical (V2P), and cross-virtual (V2V) migration scenarios to address these challenges.

 
LVL 3

Author Comment

by:djhath
ID: 9779904
Have run into a problem.  When I open the Domain Security Policy on the DC, I get a Group Policy Error saying I don't have permission to perform the operation.

A couple weeks ago I put on the Administrators Group Policy with no override for the purpose of disabling the ability of Admin accounts getting locked out.  And beyond that is a Domain Policy (not Default Domain Policy) that only defines an Account Lockout and Password policies.  These are applied at the domain level.

What do I have configured wrong?
0
 
LVL 3

Author Comment

by:djhath
ID: 9779930
I just found in Group Policy the same thing as Bartender suggested:

Select The "Local Policies"
Select "Security Options"
Browse to the "Prompt User To Change Password Before Expiration" entry.

Will this work on Group Policy applied to the domain or does it have to be done under the Domain Security Policy tool?
0
 
LVL 22

Expert Comment

by:Christopher McKay
ID: 9780920
Took me a while to get a chance to test it, but it should work just fine from the Group Policy.

:o)

Bartender_1
0
 
LVL 22

Expert Comment

by:Christopher McKay
ID: 9781414
Thanks for the points!

I'm glad to have been able to assist you.

Cheers!

:o)

Bartender_1
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Print Server: How to Create it? 1 768
How to change folder redirection to a new server 5 743
VMware converter for windows 2000 server SP4 4 6,146
Windows 7 7 269
NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
If you are looking at this article, you have most likely been hit by some version of ransomware and are trying to find out if there is anything you can do, or what way you should react - READ ON!
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

821 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question