Go Premium for a chance to win a PS4. Enter to Win


Find all users who have not changed there password for more than 90 days.And then check the change password on next logon

Posted on 2007-12-02
Medium Priority
Last Modified: 2010-04-21

Find all users who have not changed there password for more than 90 days.And then check the change password on next logon.
First list the users to a file who have not changed the password in ADS.Later another script than sets them to change the password on next logon.

Question by:bsharath
  • 2
  • 2

Accepted Solution

tcicatelli earned 1200 total points
ID: 20390995
Why wouldn't you just set a policy to force all users to change their password every 90 days under account policy settings?  It's a built-in feature.  I wouldn't go to the trouble of trying to find people now.  In 90 days the point would be moot.  

If you wanted to, you could just force everyone to change their password at next login and then the policy will take care of the rest.
LVL 11

Author Comment

ID: 20391020
Firstly i need to see if anyone has changed there password or not.As we have already repeatly communicated to the users to change the passwords.
First find then set the password change policy.Is there a script that i can do this...
LVL 30

Assisted Solution

LauraEHunterMVP earned 800 total points
ID: 20391513
> "In 90 days the point would be moot."

If users haven't changed their passwords, it'll be moot in a lot less than 90 days.  If you set a maximum password age of 90 days on Monday and a user's password hasn't been changed in 91 days, they will be prompted to change at their next logon.

Assisted Solution

tcicatelli earned 1200 total points
ID: 20392647
Here's the location of a script that will tell you the last time a user changed their password.


As LauraEHunterMVP mentioned, just set a maximum password age of 90 days, and you can avoid using the script.
LVL 11

Author Closing Comment

ID: 31412184

Featured Post

Free Backup Tool for VMware and Hyper-V

Restore full virtual machine or individual guest files from 19 common file systems directly from the backup file. Schedule VM backups with PowerShell scripts. Set desired time, lean back and let the script to notify you via email upon completion.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This process allows computer passwords to be managed and secured without using LAPS. This is an improvement on an existing process, enhanced to store password encrypted, instead of clear-text files within SQL
In the absence of a fully-fledged GPO Management product like AGPM, the script in this article will provide you with a simple way to watch the domain (or a select OU) for GPOs changes and automatically take backups when policies are added, removed o…
In this fifth video of the Xpdf series, we discuss and demonstrate the PDFdetach utility, which is able to list and, more importantly, extract attachments that are embedded in PDF files. It does this via a command line interface, making it suitable …
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses
Course of the Month10 days, 20 hours left to enroll

886 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question