Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Can a virus cause passwords to expire on a network?

Posted on 2009-04-03
8
Medium Priority
?
198 Views
Last Modified: 2013-12-04
At my job every network login that did not have the "password never expires" checkbox checked in Active Directory was prompted to change passwords.  Individually, user accounts did not have a expiration date.  After looking more in depth I found a group policy for the entire district where passwords have a max age of 45 days.  However, I don't believe that anyone specifically set that.  Can a virus set that policy?  

In addition we had to temporarily shut down our firewall that was incorrectly blocking secure traffic.
0
Comment
Question by:AtypicalIC
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
8 Comments
 
LVL 4

Expert Comment

by:thsteph
ID: 24065218
that's a group policy and is intended for maximizing the security, not minimizing it ... don't thing a virus could do that.

regards
0
 
LVL 4

Expert Comment

by:thsteph
ID: 24065231
btw ... isn't that the default policy for expiration of password?
0
 
LVL 49

Accepted Solution

by:
Akhater earned 750 total points
ID: 24065242
the 45 days comes by default
0
Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

 

Author Comment

by:AtypicalIC
ID: 24065952
I know it sounds crazy to complain that a security policy is suddenly enforced. However, the odd thing is that  ALL the passwords expired at the same time even though passwords were definitely not assigned at the same time and many were, according to the policy, expired days months and even possibly years ago.

On the opposite side, is there anything that would have prevented the policy from working normally that suddenly allowed it (perhaps the firewall was blocking a network trigger message)?
0
 
LVL 49

Expert Comment

by:Akhater
ID: 24066198
you are talking about the default domain policy right ? The default settings in 45  days on windows 2003

did you upgrade your domain from 2000 to 2003 or something similar ?

btw why is this question in the exchange section ?
0
 
LVL 4

Expert Comment

by:thsteph
ID: 24066873
the one and only time I faced a virus changing my password on a server was for my SA password on MSSQL. never for security policy. either way, if your policy remains on 45 days, just leave it as is an d monitor it a bit. see if it actually exparies on 45 days. maybe you have forced the group pilicy forcing the passwords to expire on the same day!!
you could always try setting it to a lower number for easier monitoring
regards
0

Featured Post

Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Had a business requirement to store the mobile number in an environmental variable. This is just a quick article on how this was done.
How to deal with a specific error when using the Enable-RemoteMailbox cmdlet to create a mailbox in the cloud-based service, for an existing user in an on-premises Active Directory.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question