Solved

When implementing a 90 day password change in a GPO does it take effect immediately??

Posted on 2009-04-08
3
315 Views
Last Modified: 2013-12-12
We are getting ready to implement a 90 day password change in a GPO and was wondering that when we put this in place does it prompt everyone who's password is 90 days or older immediately??  Or is it 90 days from when it was implemented??

Thanks in advance for your help.
0
Comment
Question by:bob_kochanski
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 58

Accepted Solution

by:
tigermatt earned 100 total points
ID: 24098186

The password age is determined using the pwdLastSet attribute on the user's properties. As such, if a user's password was changed 90 days or more ago, their password will be considered expired when the policy is implemented and they will be prompted at next login to change their password.

-Matt
0
 
LVL 57

Assisted Solution

by:Mike Kline
Mike Kline earned 25 total points
ID: 24098295
Matt is right on,
Before you do this you may want to run a report using a tool called old computer by MVP Joe Richards
Then you can get a sense of how many users haven't set their passwords in certain amount of days
http://www.joeware.net/freetools/tools/oldcmp/index.htm
oldcmp -report -users -age <specify days here>
 or if you want to run a report and dump all the pwdlastset attributes into an easy excel file use Joe's adfind
http://www.joeware.net/freetools/tools/adfind/index.htm
adfind -default -f  "&(objectcategory=person)(objectclass=user)" samaccountname pwdlastset -tdca -nodn -csv >  c:\users.csv
Thanks
Mike
 
0
 

Author Closing Comment

by:bob_kochanski
ID: 31568068
Thank you gentlemen.  Appreciate the quick response.
0

Featured Post

Resolve Critical IT Incidents Fast

If your data, services or processes become compromised, your organization can suffer damage in just minutes and how fast you communicate during a major IT incident is everything. Learn how to immediately identify incidents & best practices to resolve them quickly and effectively.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

While rebooting windows server 2003 server , it's showing "active directory rebuilding indices please wait" at startup. It took a little while for this process to complete and once we logged on not all the services were started so another reboot is …
This article explains the steps required to use the default Photos screensaver to display branding/corporate images
With the power of JIRA, there's an unlimited number of ways you can customize it, use it and benefit from it. With that in mind, there's bound to be things that I wasn't able to cover in this course. With this summary we'll look at some places to go…
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question