• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 508
  • Last Modified:

One-time password change for all users?

I'd like to enforce a one-time password changes for all users in AD.  The problem is, we have some users that work once a month and only use OWA.  So, if I set passwords to expire in 30 days, then some users may have to change their password twice.  If the OWA users don't change before expiration, they are locked out which causes IT major inconvenience.

Does anyone have a strategy they can suggest?
0
sbumpas
Asked:
sbumpas
1 Solution
 
Joseph MoodyBlogger and wearer of all hats.Commented:
If I understand your question correctly, you should be about to right click all of your users in an OU - select properties and then account. Then check user must change password at next logon.

I would test this on a small set of users first.
0
 
pjamCommented:
What jmoody says is what we do when we migrate a site from one domain to a another
0
 
sbumpasAuthor Commented:
The problem with that strategy is OWA users are locked out until their passwords are changed via AD login.  Some users rely exclusively on OWA, so we would get dozens of calls to unlock accounts.
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell┬« is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 
BillBondoCommented:
perhaps make the owa people a separate group with longer password changes
0
 
sbumpasAuthor Commented:
Well this would be a one-time change, so I'm not sure how a longer interval would help?
0
 
Columbia EnergyEngineers of All TypesCommented:
There's no clean way to do what you ask.  Exclude the OWA users from the forced password change.  If this is OWA 2007 or later, email those users and instruct them to change their passwords and provide instructions on how to do so (via OWA).

It's not perfect, but it should reduce the headaches.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Tackle projects and never again get stuck behind a technical roadblock.
Join Now