Solved

Password Policy not prompting for expiration

Posted on 2011-02-14
8
1,190 Views
Last Modified: 2012-05-11
Hi Experts,

I have a SBS 2003 domain with 1 other server and ~20 workstations - windows 7 and windows xp (no vista).

None of my machines prompt when a password is about to expire, which is causing passwords to expire while users are away remotely.

I wrote out my group policy setup in the code attachment.

Does anyone have any ideas?

Thanks
Computer Configuration (Enabled)
    Windows Settings
        Security Settings
            Account Policies/Password Policy
                Enforce password history 24 passwords remembered 
                Maximum password age 42 days 
                Minimum password age 0 days 
                Minimum password length 7 characters 
                Password must meet complexity requirements Disabled 
                Store passwords using reversible encryption Disabled 

Local Policies/Security Options
    Interactive Logon
        Interactive logon: Prompt user to change password before expiration 14 days

Open in new window

0
Comment
Question by:kylegreig
8 Comments
 
LVL 10

Accepted Solution

by:
ChopperCentury earned 334 total points
ID: 34890849
Your group policy may not be accepting the Local Policies.
Log into the server directly and look under Administrative Tools, Local Security Policies.
Expand Local Policies, and Security Options...make sure your Prompt user to change password option is configured.
0
 

Author Comment

by:kylegreig
ID: 34891068
Under Default Domain Controller Security settings it hadn't been defined.

I have now set it to 14 days - will this work?
0
 
LVL 10

Assisted Solution

by:ChopperCentury
ChopperCentury earned 334 total points
ID: 34891143
That should be the ticket.
To test....create a new test OU and test User inside of that OU, along with a test GPO assigned to that OU and set the maximum password age of anything less than 14 in the GPO. Try logging in with the test user and see if you get the warning to reset your password.
0
Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

 
LVL 11

Expert Comment

by:Rory de Leur
ID: 34892403
Do you have a policy/setting that disables all balloon notifications?

Check these keys and remove them if you find them (the default settings will be put in place again):
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\TaskbarNoNotification
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\TaskbarNoNotification
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\EnableBalloonTips

Don't forget to reboot..
0
 
LVL 38

Assisted Solution

by:ChiefIT
ChiefIT earned 166 total points
ID: 34893716
The only policies that will work for a password policy are LOCAL and the default domain policy:

Also, in AD users and computers, there is a checkbox under each user account that says "password never expires". That overrides the default domain policy and the local policy.
0
 
LVL 5

Expert Comment

by:NARANTHIRAN
ID: 34894132
Run gpupdate in the command prompt to update the Group policy what u have done.
0
 

Author Comment

by:kylegreig
ID: 35122863
ChopperCentury's posts sorted it out and ChiefIT's post helped with understanding. Please mark as accepted solution.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

As a long-time IT Professional, the most important skill I have developed and consider to be my most valuable tool is Effective Troubleshooting. Step through my problem-solving procedure in this 10-step guide adapted from The Universal Troubleshooti…
We need a new way to communicate time sensitive or critical info.   The best part of my role at xMatters is visiting our clients all over the world to learn about how they operate their businesses, share insights that xMatters has gleaned across…
This tutorial gives a high-level tour of the interface of Marketo (a marketing automation tool to help businesses track and engage prospective customers and drive them to purchase). You will see the main areas including Marketing Activities, Design …
Along with being a a promotional video for my three-day Annielytics Dashboard Seminor, this Micro Tutorial is an intro to Google Analytics API data.

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

26 Experts available now in Live!

Get 1:1 Help Now