?
Solved

Expired accounts

Posted on 2014-01-31
7
Medium Priority
?
223 Views
Last Modified: 2014-02-13
I have a number of accounts with expired passwords in my Active Directory. If I set the 'Never Expires' flag after the password has expired, will I still have to change it?
0
Comment
Question by:albatros99
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
  • 2
  • +1
7 Comments
 
LVL 23

Expert Comment

by:Patrick Bogers
ID: 39823723
Hi

Never expires can be dangerous and only be used by service accounts with impossible to guess passwords.

But no, if you flag that for a user- or serviceaccount the account will never expire again.
0
 
LVL 3

Author Comment

by:albatros99
ID: 39823732
The question isn't if the account will expire again. The question is if I can continue to use the old password although the account has already expired, simply by checking the flag 'account never expires'.
0
 
LVL 6

Expert Comment

by:Aditya Arora
ID: 39823741
yes you still have to change it one time.
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
LVL 23

Expert Comment

by:Patrick Bogers
ID: 39823749
Yes you need to reset it once, can be the same as before.
0
 
LVL 37

Accepted Solution

by:
Mahesh earned 1500 total points
ID: 39828044
I have not tested this, but I really not see any need \ good reason to reset password after you set flag to "Password never expires".

Ultimately if you have set account as a service account some where, it will query AD for credentials validity by checking user attribute (userAccountControl value)
In that case its duty of active directory to tell service that account password is expired or not
So, if you set it to non expiring after it expired, it should work

http://technet.microsoft.com/en-us/library/ee198831.aspx

Mahesh
0
 
LVL 3

Author Closing Comment

by:albatros99
ID: 39855916
I have tested this in a lab environment and can confirm that if the password has expired and you set the 'never expires' flag, you can logon again and don't have to change the password.
0
 
LVL 37

Expert Comment

by:Mahesh
ID: 39855936
Thanks for testing

It is expected behaviour.

Thanks once again, your results would help some body some day in bad situation

Mahesh
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Recently, Microsoft released a best-practice guide for securing Active Directory. It's a whopping 300+ pages long. Those of us tasked with securing our company’s databases and systems would, ideally, have time to devote to learning the ins and outs…
Group policies can be applied selectively to specific devices with the help of groups. Utilising this, it is possible to phase-in group policies, over a period of time, by randomly adding non-members user or computers at a set interval, to a group f…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
Suggested Courses

801 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question