How do I create a script to flag accounts to require passwords and force expirations?

I need to make a script for default domain policy to force all local accounts within all domain PC's to have the passwordreq flag as well as remove the "password never expires" flag.

I have been searching the interwebs with no luck.

Note that I am, at best, a novice in this area.  Any help is appreciated!
Who is Participating?
I think this is possible with vbscript to connect through the AD and adjust the settings as you mentioned.  I think there was an EE article that discussed this.
Here are different scripting examples that you could use to build the script to do the tasks you want:

In your case, you do not need to expire passwords since you suggest that you had the never-expire options set.

Note, you should do a group of users at a time rather than forcing all to change their password at once.  Also note to make sure not to expire service accounts.
This may help too:
How Can I Configure an Active Directory Account So the Password Never Expires?


Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.