Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

How to make a password expire now?

Posted on 2010-08-24
5
Medium Priority
?
900 Views
Last Modified: 2012-05-10
Hi experts!

I know how to reset a password and force the user to change his password at next logon. This is NOT what I am looking for here.

For testing purposes I need to make a single domain user account's password expire at a given time without changing the whole password policy. Is there a way?
The net user /expire switch is not meant for passwords but for accounts.

The domain functional level is 2008 if of interest, so PSOs could be one solution. Any other solution?
0
Comment
Question by:McKnife
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 39

Assisted Solution

by:Krzysztof Pytko
Krzysztof Pytko earned 600 total points
ID: 33509125
The most simple way is the PSO. It is not so simple modifing password expires stamp in user's object.
0
 
LVL 7

Assisted Solution

by:gnegrota
gnegrota earned 600 total points
ID: 33509344
0
 
LVL 85

Accepted Solution

by:
oBdA earned 800 total points
ID: 33509403
PSOs are actually the only solution (unless you create a scheduled task that sets the password to "expired" on a certain date, but that's sort of "cheating", at least if you want to test the password policy).
The password expiration date is calculated dynamically based on the PwdLastSet AD attribute and maxPwdAge. For security reasons, only System is allowed to change PwdLastSet to an actual date; the only changes allowed when programmatically changing this attribute are 0 (password expired, user must change it) and -1 (password set today, user is not required to change it).
0
 
LVL 56

Author Comment

by:McKnife
ID: 33509486
The vbscript could be interesting, however, the window title is password reset script - what does it do? After finding the test user, it says "User found: choose which one to reset pw to default"
1. testuser

If I choose 1, it simply starts over and the attribute password last set doews not change - is this expected? Did you ever use this script yourself?
0
 
LVL 56

Author Comment

by:McKnife
ID: 33509902
You know what?
Nevermind.

The PSO solution is ok and to be honest, not until writing down the question, I came up with the same thought that's why it appears late in the final sentence.

I will divide the points.
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Recently, Microsoft released a best-practice guide for securing Active Directory. It's a whopping 300+ pages long. Those of us tasked with securing our company’s databases and systems would, ideally, have time to devote to learning the ins and outs…
Wouldn't it be nice if objects in Active Directory automatically moved into the correct Organizational Units? This is what AutoAD aims to do and as a plus, it automatically creates Sites, Subnets, and Organizational Units.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
Suggested Courses

660 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question