In DC - user must change password at next logon
Dear All,
Good Day,
When new user accounts are created, we set a temporary password and check the "User must change password at next logon" box on the user account. In this default domain policy, account passwords expire every 30 days or not. if not how to set account passwords expire every 30 days.
Waiting for your reply
Thanks
Kumar
Good Day,
When new user accounts are created, we set a temporary password and check the "User must change password at next logon" box on the user account. In this default domain policy, account passwords expire every 30 days or not. if not how to set account passwords expire every 30 days.
Waiting for your reply
Thanks
Kumar
Do more with
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
You need to configure password policy GPO, if you are going to use same policy for all users in domain then you can use default domain policy otherwise you need to create different policies and apply them to OUs.
If you change default domain policy, make sure you set "password never expired" option on service accounts otherwise you need to change service accounts password and reconfigure services every X number of days specified in the policy. When set option "Password never expires" the option overrides the group policy setting applied to account.
http://technet.microsoft.com/en-us/library/cc736605%28WS.10%29.aspx
If you change default domain policy, make sure you set "password never expired" option on service accounts otherwise you need to change service accounts password and reconfigure services every X number of days specified in the policy. When set option "Password never expires" the option overrides the group policy setting applied to account.
http://technet.microsoft.com/en-us/library/cc736605%28WS.10%29.aspx
You can check the default domain policy setting on
http://technet.microsoft.com/en-us/library/4695b475-f87e-45c5-93c7-49af2f94215f(v=ws.10)#BKMK_Pwd
You can edit this policy using gpmc tool. If you have windows server 2003 download GPMC -
http://www.microsoft.com/en-us/download/details.aspx?id=21895
Please note you must be a member of "Domain Admin" or "Enterpriese Admin" group
http://technet.microsoft.com/en-us/library/4695b475-f87e-45c5-93c7-49af2f94215f(v=ws.10)#BKMK_Pwd
You can edit this policy using gpmc tool. If you have windows server 2003 download GPMC -
http://www.microsoft.com/en-us/download/details.aspx?id=21895
Please note you must be a member of "Domain Admin" or "Enterpriese Admin" group
Unless your domain functional level is 2008 you can only have one password policy for all users. If the level is 2008+, then you can utilize fine-grained password policies to apply to different users.
http://blogs.technet.com/b/seanearp/archive/2007/10/06/windows-server-2008-fine-grained-password-policy-walkthrough.aspx
http://blogs.technet.com/b/seanearp/archive/2007/10/06/windows-server-2008-fine-grained-password-policy-walkthrough.aspx
Premium Content
You need an Expert Office subscription to comment.Start Free Trial