Solved

Find all users who have not changed there password for more than 90 days.And then check the change password on next logon

Posted on 2007-12-02
5
271 Views
Last Modified: 2010-04-21
Hi,

Find all users who have not changed there password for more than 90 days.And then check the change password on next logon.
First list the users to a file who have not changed the password in ADS.Later another script than sets them to change the password on next logon.

Regards
Sharath
0
Comment
Question by:bsharath
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 7

Accepted Solution

by:
tcicatelli earned 300 total points
ID: 20390995
Why wouldn't you just set a policy to force all users to change their password every 90 days under account policy settings?  It's a built-in feature.  I wouldn't go to the trouble of trying to find people now.  In 90 days the point would be moot.  

If you wanted to, you could just force everyone to change their password at next login and then the policy will take care of the rest.
0
 
LVL 11

Author Comment

by:bsharath
ID: 20391020
Firstly i need to see if anyone has changed there password or not.As we have already repeatly communicated to the users to change the passwords.
First find then set the password change policy.Is there a script that i can do this...
0
 
LVL 30

Assisted Solution

by:LauraEHunterMVP
LauraEHunterMVP earned 200 total points
ID: 20391513
> "In 90 days the point would be moot."

If users haven't changed their passwords, it'll be moot in a lot less than 90 days.  If you set a maximum password age of 90 days on Monday and a user's password hasn't been changed in 91 days, they will be prompted to change at their next logon.
0
 
LVL 7

Assisted Solution

by:tcicatelli
tcicatelli earned 300 total points
ID: 20392647
Here's the location of a script that will tell you the last time a user changed their password.

http://www.rlmueller.net/PwdLastChanged.htm

As LauraEHunterMVP mentioned, just set a maximum password age of 90 days, and you can avoid using the script.
0
 
LVL 11

Author Closing Comment

by:bsharath
ID: 31412184
Thanks....
0

Featured Post

Optimize your web performance

What's in the eBook?
- Full list of reasons for poor performance
- Ultimate measures to speed things up
- Primary web monitoring types
- KPIs you should be monitoring in order to increase your ROI

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Q&A with Course Creator, Mark Lassoff, on the importance of HTML5 in the career of a modern-day developer.
Let's recap what we learned from yesterday's Skyport Systems webinar.
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question