asked on

Active directory Group Policy

I have to force the users to change their password to 8 charactors at next logon due to some security concerns.But i have also some service accounts running with normal user accounts.
I have more than 700 Users.
Please give me any script or the best way which exclude the service accounts and domain admin accounts and then force all other users to change their password at next logon with 8 characters,

ASKER CERTIFIED SOLUTION

Ed OConnor

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

Sushil Sonawane

You can achieve through following below mention steps:

1) create password policy to change set password complexity 8 characters.

Refer below link :

https://redmondmag.com/articles/2011/08/01/managing-active-directory-password-policies.aspx

http://www.top-password.com/blog/how-to-change-active-directory-password-policy-in-windows-server-2008/

2) create a fine grained password policies for your generic users.
to create policy refer below link :

https://blogs.technet.microsoft.com/meamcs/2012/05/29/creating-fine-grained-password-policies-through-gui-windows-server-2012-server-8-beta/

http://www.windowsnetworking.com/articles-tutorials/windows-server-2012/configuring-fine-grained-password-policies.html

https://4sysops.com/archives/fine-grained-password-policy-in-windows-server-2012/

http://www.grouppolicy.biz/2011/08/tutorial-how-to-setup-default-and-fine-grain-password-policy/

Seth Simmons

No comment has been added to this question in more than 21 days, so it is now classified as abandoned.

I have recommended this question be closed as follows:

Accept: sAMAccountName (https:#a41769461)

If you feel this question should be closed differently, post an objection and the moderators will review all objections and close it as they feel fit. If no one objects, this question will be closed automatically the way described above.

seth2740
Experts-Exchange Cleanup Volunteer