We help IT Professionals succeed at work.

How to restrict domain users from changing password using group policy

1,359 Views
Last Modified: 2008-07-19
Hi ,
I want to set "Password Never Expires" and "User can not change the password" option for my domain users using group policy. Is there any way to do this.. Pls let me know..

Thanks in advance,
Comment
Watch Question

Commented:
There's a way using AD. Just select a use and go to the Account Tab, and select "Password never Expires" and "User can not change the password".

If you are interested in doing this to many users in an OU, just highlight all users > Properties > Account Tab > Under Account Options enable "Password never Expires" and "User can not change the password".

Commented:
http://support.microsoft.com/kb/324744/en-us

Commented:
Here is how to set the password never expires portion.
Also you can select all your users  at once in ADUC then right click and choose passwords never expire.
Going forward when you add new users you will need to check mark that field when creating the user

Author

Commented:
I tried it by selecting all users and then changing the settings as told by "ryansoto:" and "pzozulka:" but some how it is getting deselected for few users, that's why i want to do it using group policy.

Is there any option in Group Policy to do this ?

Commented:
User Configuration>Administrative Templates>System>Ctrl+Alt+Del Options>Remove Change Password>Enabled

However, this only prevents them from changing the password from Ctrl+Alt+Del. There are other ways to change passwords, which is why instead of hiding a button from them, it would be best to all together remove the ability to change a password within AD itself the way I specified earlier.

Some users are getting deselected, because they were once selected. Make sure that you go through all the user accounts and make sure everyone is on the same page (deselected). Then follow the instructions in my 1st post.
Commented:
This one is on us!
(Get your first solution completely free - no credit card required)
UNLOCK SOLUTION
Unlock the solution to this question.
Join our community and discover your potential

Experts Exchange is the only place where you can interact directly with leading experts in the technology field. Become a member today and access the collective knowledge of thousands of technology experts.

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.