Solved

Enable complex password and force all users to change their password asap.

Posted on 2015-02-17
2
399 Views
Last Modified: 2015-04-02
Hello,

We are in a Windows 2008 environment with windows 2003 domain functional level.

We want to enable password complexity in our domain policy.  

How do we trigger the change to happen right the way to force the all the users to specify a complex password?  

Please advise.
0
Comment
Question by:nav2567
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 53

Accepted Solution

by:
Will Szymkowski earned 250 total points
ID: 40615506
To force a reset you will need to use dsquery user | dsmod user -mustchpwd yes command. Personally I would not do this. I would create the password complexity policy, find the users where their passwordLastSet attribute is. Then send out an email notification to tell users to change there password.

Once the password complexity policy has been set you can also use the PasswordLastSet to find out which users have in fact reset/changed their password.

Use the below command below
get-aduser -filter * -properties passwordlastset, passwordneverexpires | sort name | ft Name, passwordlastset, Passwordneverexpires

Open in new window


Will.
0
 
LVL 12

Assisted Solution

by:Natty Greg
Natty Greg earned 250 total points
ID: 40615842
Set the password policy, along with the complexity and you can also type a note within the settings notifying the user they must change their password and the minimum length required. all can be done in group policy and force group policy from domain controller everyone will have to comply. set it so that on their next logon they have to change their password.
0

Featured Post

On Demand Webinar - Networking for the Cloud Era

This webinar discusses:
-Common barriers companies experience when moving to the cloud
-How SD-WAN changes the way we look at networks
-Best practices customers should employ moving forward with cloud migration
-What happens behind the scenes of SteelConnect’s one-click button

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

This article explains the steps required to use the default Photos screensaver to display branding/corporate images
This article demonstrates probably the easiest way to configure domain-wide tier isolation within Active Directory. If you do not know tier isolation read https://technet.microsoft.com/en-us/windows-server-docs/security/securing-privileged-access/s…
This tutorial will walk an individual through the steps necessary to configure their installation of BackupExec 2012 to use network shared disk space. Verify that the path to the shared storage is valid and that data can be written to that location:…
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…

756 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question