Solved

Active directory - password about to expire

Posted on 2012-03-18
5
304 Views
Last Modified: 2012-03-19
Hi AD experts,

When I log into my computer in the office and get a messaging saying "password is about to expire, would you like to change it now" is that controlled on the AD server? Our AD servers are windows 2008.

Is there also a place within AD to say how many days in advance before sending the notifications?
0
Comment
Question by:trojan81
  • 4
5 Comments
 
LVL 21

Accepted Solution

by:
yo_bee earned 500 total points
ID: 37735372
Question 1:
This is controlled by Policies either Local or via Group Policies in AD.
Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options\

Question 2:
This is the Registry setting that needs to be adjusted for the number of days before the password expires notification.

http://www.techrepublic.com/article/change-the-timing-of-the-password-expires-message-in-windows/5519795

Open the Windows registry.

Create or modify the key: PasswordExpiryWarning" in

"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon.

Enter the value (number of days before password expires that you want to notify users) and click the appropriate decimal or hexadecimal radio button (for example, e in hexadecimal equals 14 days).
0
 
LVL 21

Expert Comment

by:yo_bee
ID: 37735702
Here is a screenshot of the GPO setting.

Computer Configuration > Windows Settings > Policy Settings > Security Settings > Account Policy > Password Policy

GPO Settings
0
 
LVL 21

Expert Comment

by:yo_bee
ID: 37735800
Here is the GPO setting to change the notification.

Computer Configuration > Windows Settings > Policy Settings > Security Settings > Local Policy > Security Option > Interactive Logon : Prompt User to Change Password Before:

GPO For Notification
0
 

Author Closing Comment

by:trojan81
ID: 37736310
WEll done!
0
 
LVL 21

Expert Comment

by:yo_bee
ID: 37737058
Thank you.

hope it was not cryptic in my first reply.
0

Join & Write a Comment

This is my first article in EE and english is not my mother tongue so any comments you have or any corrections you would like to make, please feel free to speak up :) For those of you working with AD, you already are very familiar with the classi…
Companies that have implemented Microsoft’s Active Directory need to ensure that the Active Directory is configured and operating properly. If there are issues found and not resolved, it eventually leads the components to fail or stop working and fi…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

23 Experts available now in Live!

Get 1:1 Help Now