Find all users who have not changed there password for more than 90 days.And then check the change password on next logon

Posted on 2007-12-02
Last Modified: 2010-04-21

Find all users who have not changed there password for more than 90 days.And then check the change password on next logon.
First list the users to a file who have not changed the password in ADS.Later another script than sets them to change the password on next logon.

Question by:bsharath
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2

Accepted Solution

tcicatelli earned 300 total points
ID: 20390995
Why wouldn't you just set a policy to force all users to change their password every 90 days under account policy settings?  It's a built-in feature.  I wouldn't go to the trouble of trying to find people now.  In 90 days the point would be moot.  

If you wanted to, you could just force everyone to change their password at next login and then the policy will take care of the rest.
LVL 11

Author Comment

ID: 20391020
Firstly i need to see if anyone has changed there password or not.As we have already repeatly communicated to the users to change the passwords.
First find then set the password change policy.Is there a script that i can do this...
LVL 30

Assisted Solution

LauraEHunterMVP earned 200 total points
ID: 20391513
> "In 90 days the point would be moot."

If users haven't changed their passwords, it'll be moot in a lot less than 90 days.  If you set a maximum password age of 90 days on Monday and a user's password hasn't been changed in 91 days, they will be prompted to change at their next logon.

Assisted Solution

tcicatelli earned 300 total points
ID: 20392647
Here's the location of a script that will tell you the last time a user changed their password.

As LauraEHunterMVP mentioned, just set a maximum password age of 90 days, and you can avoid using the script.
LVL 11

Author Closing Comment

ID: 31412184

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article describes my battle tested process for setting up delegation. I use this process anywhere that I need to setup delegation. In the article I will show how it applies to Active Directory
A hard and fast method for reducing Active Directory Administrators members.
The viewer will learn how to use the return statement in functions in C++. The video will also teach the user how to pass data to a function and have the function return data back for further processing.
The viewer will learn how to user default arguments when defining functions. This method of defining functions will be contrasted with the non-default-argument of defining functions.

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question