Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Expiration Date when Password Never Expires is Unchecked

Posted on 2008-10-13
2
Medium Priority
?
786 Views
Last Modified: 2013-12-04
Most of our users have "Password Never Expires" checked in their account properties. Currently, our password policy will prompt the user to change the password every 90 days. If a user has a password that is over 90 days old and their password is set to never expire, will that user recieve a prompt to change their password the first time that the user attempts to login if the "Password Never Expires" check is removed from their account?

If someone knows the answer to this, could they also provide a link so that I can read up on this?
0
Comment
Question by:Joseph Moody
2 Comments
 
LVL 30

Accepted Solution

by:
LauraEHunterMVP earned 2000 total points
ID: 22703870
Password expirations are based on the value of the pwdAge attribute, which is computed based on the date/time that the password was last set/changed. Once the "Password never expires" check-box is removed, if the account has a pwdAge value that is older than the maximum password age configured in your Domain Password Policy, the account will be prompted to change its password on next logon.

If you have a significant number of user accounts that fall under this criteria, recommend that you stage the removal of the "Password Never Expires" flag in a gradual manner so that your help desk is not overwhelmed with support calls.
0
 
LVL 22

Author Closing Comment

by:Joseph Moody
ID: 31505605
That was exactly what I needed! Thanks!
0

Featured Post

Get expert help—faster!

Need expert help—fast? Use the Help Bell for personalized assistance getting answers to your important questions.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Phishing emails are a popular malware delivery vehicle for attack.  While there are many ways for an attacker to increase the chances of success for their phishing emails, one of the most effective methods involves spoofing the message to appear to …
Last month Marc Laliberte, WatchGuard’s Senior Threat Analyst, contributed reviewed the three major email authentication anti-phishing technology standards: SPF, DKIM, and DMARC. Learn more in part 2 of the series originally posted in Cyber Defense …
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

564 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question