Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium


Disable password expiration prompt on a Windows 2003 terminal server.

Posted on 2007-08-02
Medium Priority
Last Modified: 2013-11-21
I have a Windows 2003 terminal server in a 2003 Active Directory domain.  The terminal server is in it's own OU with a loop back GPO applied to it.  I want to disable notification of upcoming password expiration when logging on to this server.  I do not want to disable password expiration for domain users, I just don't want them to see the "Your password will expire in X days, do you want to change it now?" prompt when they log in to this server.  Basically I don't want people changing their domain password from the terminal server, as this always leads to problems with their local machine not having their new credentials.
Question by:Mondo1287
  • 2
LVL 27

Accepted Solution

DrDave242 earned 200 total points
ID: 19621109
It's in Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options, and the setting is called "Interactive logon: Prompt user to change password before expiration."

Author Comment

ID: 19624643
Thanks.  As far as I can tell, setting this to 0 won't actually disable the prompt. At least it won't prompt them until the day it expires, which may be preferred anyway.  
LVL 27

Expert Comment

ID: 19625655
Yeah, I wasn't sure whether setting it to zero would disable it or not.  Like you said, at least it won't prompt until the day of expiration.

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How to deal with a specific error when using the Enable-RemoteMailbox cmdlet to create a mailbox in the cloud-based service, for an existing user in an on-premises Active Directory.
The article explains the process to deploy a Self-Service password reset portal I developed a few years ago. Hopefully, it will prove useful to someone.  Any comments, bug reports etc. are welcome...
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Suggested Courses

564 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question