How do I create a script to flag accounts to require passwords and force expirations?

I need to make a script for default domain policy to force all local accounts within all domain PC's to have the passwordreq flag as well as remove the "password never expires" flag.

I have been searching the interwebs with no luck.

Note that I am, at best, a novice in this area.  Any help is appreciated!
whitman911Asked:
Who is Participating?
 
arnoldCommented:
I think this is possible with vbscript to connect through the AD and adjust the settings as you mentioned.  I think there was an EE article that discussed this.
Here are different scripting examples that you could use to build the script to do the tasks you want:
http://www.computerperformance.co.uk/vbscript/vbscript_user_create.htm
www.computerperformance.co.uk/Logon/VBScript/VBScript_Windows_passwords.htm
www.activexperts.com/activmonitor/windowsmanagement/adminscripts/usersgroups/users/
www.sysoptools.com/ad-query.aspx

In your case, you do not need to expire passwords since you suggest that you had the never-expire options set.

Note, you should do a group of users at a time rather than forcing all to change their password at once.  Also note to make sure not to expire service accounts.
0
 
RobSampsonCommented:
This may help too:
How Can I Configure an Active Directory Account So the Password Never Expires?
http://www.microsoft.com/technet/scriptcenter/resources/qanda/oct06/hey1031.mspx

Regards,

Rob.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.