How do I disable "User must change password at next logon" from command line?

How do I disable "User must change password at next logon" from command line?

I want to disable this flag and enable "Password never expires" on all of my local Windows 2000 user accounts (this computer is not part of an Active Directory domain, the accounts are local). Can you please provide me with a VbScript or a set of command line commands so I can do this as a batch file?

Thanks!!
LVL 2
pmosinskisAsked:
Who is Participating?
 
Chris DentConnect With a Mentor PowerShell DeveloperCommented:

All fixed. Let me know if it doesn't work.


Const ADS_UF_DONT_EXPIRE_PASSWD = &H10000

Set objNetwork = CreateObject("Wscript.Network")
strComputer = objNetwork.ComputerName
Set colAccounts = GetObject("WinNT://" & strComputer)

colAccounts.Filter = Array("user")

For Each objUser in colAccounts
      arrFlags = objUser.Get("UserFlags")

      ' Disable Change at Next Logon

      objUser.PasswordExpired = 0
      objUser.SetInfo

      ' Enable Password Never Expires

      objUser.Put "UserFlags", arrFlags XOr ADS_UF_DONT_EXPIRE_PASSWD
      objUser.SetInfo
Next
0
 
Chris DentPowerShell DeveloperCommented:
Hi,

This works in part, but because pwdLastSet is an AD specific property setting it at the moment doesn't work. Still I'll look into it in the morning, you can have this for now at least (VBScript):


Const ADS_UF_DONT_EXPIRE_PASSWD = &H10000

Set objNetwork = CreateObject("Wscript.Network")
strComputer = objNetwork.ComputerName
Set colAccounts = GetObject("WinNT://" & strComputer & "")

colAccounts.Filter = Array("user")

For Each objUser in colAccounts
    arrFlags = objUser.Get("UserFlags")

    ' Disable Change at Next Logon

    ' objUser.Put "pwdLastSet", 1
    ' objUser.SetInfo

    ' Enable Password Never Expires

    If (arrFlags And ADS_UF_DONT_EXPIRE_PASSWD) <> 0 Then
        objUser.Put "UserFlags", arrFlags XOr ADS_UF_DONT_EXPIRE_PASSWD
        objUser.SetInfo
    End If
Next


Regards,

Chris
0
 
Herve CHEVALIERCommented:
Solution :

Set usr = GetObject("LDAP://CN=user, OU=Accounts, DC=domainname, DC=Com")
usr.Put "pwdLastSet", CLng(-1)
usr.SetInfo

Done on thousands account AD Windows 2003 today.
0
 
cbeene1872Commented:
Thanks for this info!  Helped me a BUNCH!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.