Maximum Password Age

I have a stand alone Windows 2000 workstation.  This machine does not access the network.  I want to change the MaximunPasswordAge from the default 42days to 90days.  When I go into Local Security Setting, Password Policy, right click on Maximum Password Age there are 2 places that need to be changed.  Security settings and Effective settings.  I am logged on as Adminstrator and I change the security settings to 90 days.  The effective settings is still 42 days until I reboot.  Then both the Security settings and Effective settings register 90 days.  For some reason the change does not stay.  My user gets notification to change his password 28 days later and when I go back into Local security setting, password policy the settings are back to 42 days.   Does anyone have any ideas?  Thanks.
grandma1Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Pete LongTechnical ConsultantCommented:
start >run >gpedit.msc

whats in

computer config >windows settings > security settings > account policies > password policy

Pete
0
Pete LongTechnical ConsultantCommented:
by defalt this is set to 42 days - "The Maximum Password Age" value
0
grandma1Author Commented:
Pee

"The Maximun Password Age" value is the default 42 days.  I want to change the default and have it stay.  Thanks
0
Cloud Class® Course: CompTIA Healthcare IT Tech

This course will help prep you to earn the CompTIA Healthcare IT Technician certification showing that you have the knowledge and skills needed to succeed in installing, managing, and troubleshooting IT systems in medical and clinical settings.

grandma1Author Commented:
Sorry Pete, my finger didn't hit properly.
0
Pete LongTechnical ConsultantCommented:
double click the value and change it to 90, if it then returns to 42 its being imposed on the server by GPO or domain security policy
0
grandma1Author Commented:
Hi Pete, both I and my supervisor have changed it to 90 and it does return to 42.  I cannot see how it would be imposed on the server by GPO or domain security policy as it is not attached to the network.  I don't have a cable attached to the box but maybe I am missing something?  Thanks
0
Pete LongTechnical ConsultantCommented:
>> I cannot see how it would be imposed on the server by GPO or domain security policy as it is not attached to the network.  I don't have a cable attached to the box but maybe I am missing something?

Has it ever been attached to a network? if so it will keep the domain security settings?
0
Pete LongTechnical ConsultantCommented:
Maximum Password Age: Maximum password age determines how long users can keep a password before they have to change it. The aim is to periodically force users to change their passwords. When this feature is used, set a value that makes sense for the specific network environment it is being applied to. Generally, a shorter period is used when security is very important and a longer period when security is less important.

The default expiration date is 42 days; however, it can be set to any value from 0 to 999. A value of zero specifies that passwords do not expire. Although it may be tempting to set no expiration date, users should change passwords regularly to ensure the network's security. Where security is a concern, good values are 30, 60, or 90 days. Where security is less important, good values are 120, 150, or 180 days
From http://www.microsoft.com/technet/security/topics/issues/w2kccadm/acctpol/w2kadm07.mspx
0
Pete LongTechnical ConsultantCommented:
and just so we are not missing the obvious - you are logged in with administrative priveledges arnt you?
0
luv2smileCommented:
Just for kickers...even tho I know it doesn't have an active network connection:

Right click my computer, properties, comptuer name, and then click "change" - to rename the comptuer or join a domain

What do you see here? Does it have checked that the comptuer is a member of a domain or a workgroup?

0
grandma1Author Commented:
Yes I am logged on with administrative privileges.  
0
grandma1Author Commented:
luv2smile,

Yes it is checked that it is a member of a workgroup.
0
grandma1Author Commented:
Pete,

It was attached to the network when it was set up in the beginning.  A Novell Network.  We are not on a domain according to my network administrator.
0
Pete LongTechnical ConsultantCommented:
>> A Novell Network

was there Novell Zenworks policies enforced?
0
grandma1Author Commented:
My network administrator says yes
0
Pete LongTechnical ConsultantCommented:
Ouch, that can be hidden anywhere in the registry :( does the server have a Novell Client on it?
0
grandma1Author Commented:
Pete, We run Netware on our Server.  My network administrator says the workstations have the Novell Client.  We are running 4.9 on the workstations. Should I try attaching the machine to the network and try something different?  Thanks  
0
Pete LongTechnical ConsultantCommented:
If its a standalond remove the netware client (you dont need it) remove it from the network card properties (ie select novell and click remove) then try again
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
grandma1Author Commented:
Hi Pete,  It has been a couple of weeks, but I uninstalled the client like you suggested and checked it both last week and this week and the maximum password age is still at 90 days.  Thanks so much.
0
Pete LongTechnical ConsultantCommented:
ThanQ
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows 2000

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.