Solved

Active directory - password about to expire

Posted on 2012-03-18
5
305 Views
Last Modified: 2012-03-19
Hi AD experts,

When I log into my computer in the office and get a messaging saying "password is about to expire, would you like to change it now" is that controlled on the AD server? Our AD servers are windows 2008.

Is there also a place within AD to say how many days in advance before sending the notifications?
0
Comment
Question by:trojan81
  • 4
5 Comments
 
LVL 22

Accepted Solution

by:
yo_bee earned 500 total points
ID: 37735372
Question 1:
This is controlled by Policies either Local or via Group Policies in AD.
Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options\

Question 2:
This is the Registry setting that needs to be adjusted for the number of days before the password expires notification.

http://www.techrepublic.com/article/change-the-timing-of-the-password-expires-message-in-windows/5519795

Open the Windows registry.

Create or modify the key: PasswordExpiryWarning" in

"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon.

Enter the value (number of days before password expires that you want to notify users) and click the appropriate decimal or hexadecimal radio button (for example, e in hexadecimal equals 14 days).
0
 
LVL 22

Expert Comment

by:yo_bee
ID: 37735702
Here is a screenshot of the GPO setting.

Computer Configuration > Windows Settings > Policy Settings > Security Settings > Account Policy > Password Policy

GPO Settings
0
 
LVL 22

Expert Comment

by:yo_bee
ID: 37735800
Here is the GPO setting to change the notification.

Computer Configuration > Windows Settings > Policy Settings > Security Settings > Local Policy > Security Option > Interactive Logon : Prompt User to Change Password Before:

GPO For Notification
0
 

Author Closing Comment

by:trojan81
ID: 37736310
WEll done!
0
 
LVL 22

Expert Comment

by:yo_bee
ID: 37737058
Thank you.

hope it was not cryptic in my first reply.
0

Featured Post

Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Do you have users whose passwords are expiring and they are constantly calling you?  Well I sure did and needed a way to put an end to this.  We have a lot of remote users which would not be notified that their passwords were expiring since they wer…
Introduction You may have a need to setup a group of users to allow local administrative access on workstations.  In a domain environment this can easily be achieved with Restricted Groups and Group Policies. This article will demonstrate how to…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now