Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.
One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.
Solved
In DC - user must change password at next logon
Posted on 2012-12-22
Dear All,
Good Day,
When new user accounts are created, we set a temporary password and check the "User must change password at next logon" box on the user account. In this default domain policy, account passwords expire every 30 days or not. if not how to set account passwords expire every 30 days.
Waiting for your reply
Thanks
Kumar
Good Day,
When new user accounts are created, we set a temporary password and check the "User must change password at next logon" box on the user account. In this default domain policy, account passwords expire every 30 days or not. if not how to set account passwords expire every 30 days.
Waiting for your reply
Thanks
Kumar
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
3 Comments
You need to configure password policy GPO, if you are going to use same policy for all users in domain then you can use default domain policy otherwise you need to create different policies and apply them to OUs.
If you change default domain policy, make sure you set "password never expired" option on service accounts otherwise you need to change service accounts password and reconfigure services every X number of days specified in the policy. When set option "Password never expires" the option overrides the group policy setting applied to account.
http://technet.microsoft.com/en-us/library/cc736605%28WS.10%29.aspx
If you change default domain policy, make sure you set "password never expired" option on service accounts otherwise you need to change service accounts password and reconfigure services every X number of days specified in the policy. When set option "Password never expires" the option overrides the group policy setting applied to account.
http://technet.microsoft.com/en-us/library/cc736605%28WS.10%29.aspx
You can check the default domain policy setting on
http://technet.microsoft.com/en-us/library/4695b475-f87e-45c5-93c7-49af2f94215f(v=ws.10)#BKMK_Pwd
You can edit this policy using gpmc tool. If you have windows server 2003 download GPMC -
http://www.microsoft.com/en-us/download/details.aspx?id=21895
Please note you must be a member of "Domain Admin" or "Enterpriese Admin" group
http://technet.microsoft.com/en-us/library/4695b475-f87e-45c5-93c7-49af2f94215f(v=ws.10)#BKMK_Pwd
You can edit this policy using gpmc tool. If you have windows server 2003 download GPMC -
http://www.microsoft.com/en-us/download/details.aspx?id=21895
Please note you must be a member of "Domain Admin" or "Enterpriese Admin" group
Active today
Unless your domain functional level is 2008 you can only have one password policy for all users. If the level is 2008+, then you can utilize fine-grained password policies to apply to different users.
http://blogs.technet.com/b/seanearp/archive/2007/10/06/windows-server-2008-fine-grained-password-policy-walkthrough.aspx
http://blogs.technet.com/b/seanearp/archive/2007/10/06/windows-server-2008-fine-grained-password-policy-walkthrough.aspx
Featured Post
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
I guess it is not common knowledge to most Wintel engineers/administrators: If you have an SNMP-based monitoring system in your environment (and it's common to have SNMP or Syslog) it's reasonably easy to enable monitoring of the Windows Event logs,…
Setting up a Microsoft WSUS update system is free relatively speaking if you have hard disk space and processor capacity.
However, WSUS can be a blessing and a curse. For example, there is nothing worse than approving updates and they just have…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
How to fix incompatible JVM issue while installing Eclipse
While installing Eclipse in windows, got one error like above and unable to proceed with the installation.
This video describes how to successfully install Eclipse.
How to solve incompa…
Suggested Courses
Course of the Month8 days, 14 hours left to enroll
721 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.