Link to home
Create AccountLog in
Avatar of QcHoldings
QcHoldingsFlag for United States of America

asked on

"Unexpire" passwords in AD 2003 for 500+ users

Hi All,

A couple of months ago, I created more than 500 user accounts in Active Directory.  The accounts were created with a static password, assigned to each user, and they were included in the script that created the user accounts.  The problem is that I wasn't told to set the passwords to "never expire," and now the passwords are expiring, and the help desk is pitching a fit.  Setting 500+ user accounts with the "password never expires" property set is trivial.  The problem is "unexpiring" the passwords on all those accounts.  The help desk doesn't want to reset the passwords on all those accounts, and frankly I can't blame them.

Short of deleting and then recreating the accounts, then setting them so the password never expires, does anyone have an idea, tool, or script for "unexpiring" those passwords without being forced to reset the passwords?

Thanks in advance!

Avatar of isaman07
Flag of Canada image

Link to home
Create an account to see this answer
Signing up is free. No credit card required.
Create Account
Avatar of QcHoldings


I just thought of something.  Incredible how you can't see the trees for the forest.

Use the "Net User" command to change the passwords in a batch file...


Sorry all.  I haven't finished my coffee this morning.

I didn't realize that setting the "password never expires" check box "unexpires" the password.  I was under the impression that the only way to do this was to reset the password, even if you reset it to the same password (provided the password policy doesn't require unique passwords).


I didn't realize that setting the "password never expires" attribute would "unexpire" the password.
Yes it would.