Solved

Forcing "User must change password at next logon"

Posted on 2015-01-21
4
719 Views
Last Modified: 2015-01-24
Hi,

In Users and Computers in Windows 2003 i've checked  "User must change password at next logon" - the goal obviously is when a machine is powered on the user has to change thier password. We do require this to be for the 'administrator' user. When the machine is powered on although this message appears users can go around it by simply clicking No at the prompt "Your password expires today. Do you want to change it now?" How can i force passwords to be changed for the administrator user?
0
Comment
Question by:deepi19
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 21

Expert Comment

by:RK
ID: 40563933
Hi,

This is the same way as normal user. One thing you need to change is, if you select the option "Password never expires" then the "User must change password at next logon" doesn't work as this is not required since the other option is already set.

So, remove the "Password never expires" for the administrator user and then enable  "User must change password at next logon". Logoff and see it works?
0
 

Author Comment

by:deepi19
ID: 40564122
Hi there,

Yes seems to work ok for normal users but 'Administrator' seems exempt in that you always get the option to say No to changing your password. I assume there's a registry setting somewhere but i cant find it. I'm also not using AD or anything like that in this network so need this to work in stand alone machines.
0
 
LVL 21

Accepted Solution

by:
RK earned 500 total points
ID: 40564170
Hi,

I don't think there is a registry policy to set this. There are settings which controlled by GPO's. Start>>run>>gpedit.msc>Computer Configuration\Windows Settings\Security Settings\Account Policies\Password Policy - You can see the minimum password age 0, if you set this to 0 then the user will be forced to change the password but unfortunately it's not recommended as the setting will force user to change password each time they login.

If you still think that it's controlled by registry then I am out of ideas.
0
 

Author Closing Comment

by:deepi19
ID: 40568310
Thanks, i think you're right, in the end i just went with a new admin user account.
0

Featured Post

Secure Your Active Directory - April 20, 2017

Active Directory plays a critical role in your company’s IT infrastructure and keeping it secure in today’s hacker-infested world is a must.
Microsoft published 300+ pages of guidance, but who has the time, money, and resources to implement? Register now to find an easier way.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article, I will show you HOW TO: Perform a Physical to Virtual (P2V) Conversion the easy way from a computer backup (image).
No single Antivirus application (despite claims by manufacturers) will catch or protect you from all Virus / Malware or Spyware threats. That doesn't stop you from further protecting yourself however - and this article is to show you how.
As developers, we are not limited to the functions provided by the VBA language. In addition, we can call the functions that are part of the Windows operating system. These functions are part of the Windows API (Application Programming Interface). U…
This video Micro Tutorial explains how to clone a hard drive using a commercial software product for Windows systems called Casper from Future Systems Solutions (FSS). Cloning makes an exact, complete copy of one hard disk drive (HDD) onto another d…

756 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question