Solved

AD password expiration warnings are gone

Posted on 2014-03-25
7
203 Views
Last Modified: 2014-03-28
We changed, our password policy to change password every 60 days.
But the users are not getting the pop-up to let us know a few days ahead to change the PW.

Some users get the pop-up and some don't.
I noticed in the 'default policy' on the DC, that:  Interactive Login:  prompt user to change PW before expiration'  is not enabled.

Does that have to be enabled, and why are some users getting the pop-up and others are not?

thanks

We have Server 2003 DC's.
0
Comment
Question by:techgenious
  • 3
  • 3
7 Comments
 
LVL 13

Expert Comment

by:Santosh Gupta
ID: 39953973
please run the RSOP.MSC and see if policy is applying to users.
0
 
LVL 3

Expert Comment

by:mlsbraves
ID: 39953986
It may be because some of your users don't log off. The prompt would appear when they login so if they never log off then they may never see the warning.

See:
http://social.technet.microsoft.com/Forums/windowsserver/en-US/06cfc1d3-12ce-4d8d-a6d3-911d1e6586f4/prompt-user-to-change-password-before-expiration-and-its-settings?forum=winserverGP

Also, have you manually ran a group policy update on the users computer?

gpupdate /force
0
 

Author Comment

by:techgenious
ID: 39954201
I ran RSOP.msc and under 'Source GPO' it is blank meaning this is not set at the DC, default   domain Policy.

the user has logged off and logged on.   Still no message.
I also check:
-- Default Domain Controller Security Settings [blank]
-- Domain Security Policy [blank]

The above two on the DC.

Could it be it is set on the users computers:  Local Policies > security options?
0
Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

 
LVL 13

Expert Comment

by:Santosh Gupta
ID: 39954250
what do you mean by blank ?? seems policy is not set or reset to default.

pls expand the "Domain Security Policy" and verify these policies are there. http://support.gfi.com/manuals/en/lanscan7/lanscan7manual-1-85.html

Also check
 Computer Configuration\Windows Settings\Local Policies\Security Options under Interactive Logon: Prompt user to change password before expiration.
is configured.
0
 

Author Comment

by:techgenious
ID: 39954281
This is 2003 DC's, picture does not appear the same.

Domain
0
 
LVL 13

Accepted Solution

by:
Santosh Gupta earned 210 total points
ID: 39954358
Strange !!!

Do you have the GPMC console installed, if yes then check from their.

run DCDIAG /V and see the erros.
0
 

Author Comment

by:techgenious
ID: 39954922
Okay I will check it out, remember this is server 2003 DC's.
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

The HP utility "HP Lights-Out Online Configuration Utility for Windows Server 2003/2008" could be of great use when it comes to remotely configure a HP servers ILO WITHOUT rebooting the server. We would only need to create and run scripts using thi…
by Batuhan Cetin In this article I will be guiding through the process of removing a failed DC metadata from Active Directory (hereafter, AD) using the ntdsutil tool in a Windows Server 2003 environment. These steps are not necessary in a Win…
It is a freely distributed piece of software for such tasks as photo retouching, image composition and image authoring. It works on many operating systems, in many languages.
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now