Windows Password Policy for Accounts with "Users cannot change password" checked

Posted on 2009-07-08
Medium Priority
Last Modified: 2012-05-07
We are thinking of enabling a domain password policy.  We have some account though that we do not want to reset their passwords every 90 days because they are used for services or kiosks.  Would they be exempt if we check "User cannot change password" under Active directory users and computers?
Question by:Spydergt
LVL 57

Accepted Solution

Mike Kline earned 200 total points
ID: 24807946
Check that and also check "password never expires"
They won't have to change it after 90 days that way.  
LVL 74

Expert Comment

by:Glen Knight
ID: 24811249
If you check the "user cannot change password" then all this will do is stop the user from changing the password meaning a phone call to the support desk when it expires.
You don't really need this setting, the one you need is "password never expires" as mentioned above.,

Featured Post

Easily manage email signatures in Office 365

Managing email signatures in Office 365 can be a challenging task if you don't have the right tool. CodeTwo Email Signatures for Office 365 will help you implement a unified email signature look, no matter what email client is used by users. Test it for free!

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

How to deal with a specific error when using the Enable-RemoteMailbox cmdlet to create a mailbox in the cloud-based service, for an existing user in an on-premises Active Directory.
Scripts are great for performing batch jobs against users, however sometimes the GUI is all you need.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

624 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question