Re: Password Change Policy

From: Chriss3 (noSpamHere_at_chrisse.se)
Date: 02/26/04 

Date: Thu, 26 Feb 2004 17:48:28 +0100

See my answer to your other post in win2000.group_policy 

-- 
Regards
Christoffer Andersson
No email replies please - reply in the newsgroup
"Danny Sanders" <Danny.Sanders@cpcNOmedSPAM.org> skrev i meddelandet
news:ujeo4dI$DHA.2808@TK2MSFTNGP10.phx.gbl...
> This seems to rule
> > out changing the maximum password age in the DOmain
> > Security Policy, unless the "password never expires"
> > setting overrides this. Does anyone know if this is the
> > case.
>
>
> You can set the password never expires attribute on the accounts services
> use.
>
> > Is there a way to change the "user must change password at
> > next logon" setting for multiple users at a single time?
>
>
> AFAIK you can't do this without a third party app.
>
>
> Alternatively, is there a
> > way to set a date, for multiple users,  when their
> > passwords will expire?
>
> You can set a time interval but not a date.
>
> Password policies are one to a domain. It will affect all accounts except
> the ones with password never expires.
>
> hth
> DDS W 2k MVP MCSE
>
> "Simon Church" <anonymous@discussions.microsoft.com> wrote in message
> news:268301c3fc81$52c24530$a401280a@phx.gbl...
> > Hello,
> >
> > we have a single windows 2000 AD Domain, with approx 400
> > users spread over 4 sites. I am looking for options in
> > setting up a password change policy. I want to have the
> > ability to change our user accounts on a regular basis
> > without impacting our service accounts. This seems to rule
> > out changing the maximum password age in the DOmain
> > Security Policy, unless the "password never expires"
> > setting overrides this. Does anyone know if this is the
> > case.
> >
> > Is there a way to change the "user must change password at
> > next logon" setting for multiple users at a single time?
> > Can it be done through a Group POlicy or by selecting a
> > large number of users at once? Alternatively, is there a
> > way to set a date, for multiple users,  when their
> > passwords will expire?
> >
> > Any suggestions for setting up a flexible password change
> > policy would be really appreciated.
> >
> > Thanks,
> >
> > Simon
>
>

Relevant Pages

  • Re: AD 2000, Blank passwords, and Group Policy
    ... the original creator of these accounts set them to 'Password ... never expires' so that won't work for me. ... I'm going to have to use your suggestion of disabling the policy ... > file though you may want to post in a Windows scripting newsgroup for that You might ...
    (microsoft.public.win2000.security)
  • Re: Password Change Policy
    ... Any account configured with password never expires will not have maximum ... > without impacting our service accounts. ... > out changing the maximum password age in the DOmain ... > next logon" setting for multiple users at a single time? ...
    (microsoft.public.win2000.security)
  • Re: password never expires script
    ... You can not use block inheritance to keep password/account policy from being ... domain controller you can do all the user accounts at one time by ... > that will enable password never expires for these users. ...
    (microsoft.public.windows.group_policy)
  • Re: 2003 Group Policy Default Domain Policy
    ... password setting from never expires to password expires in 60 days and need ... Controllers will only process one password policy per domain, ... The password age is calculated by the maximum password age minus the ... If your concern is service accounts, set them to never expire as this ...
    (microsoft.public.win2000.group_policy)
  • Re: Password Policy and AD
    ... Any accounts that you manually set to "Password never expires" in the ADUC ... MMC console will not be affected by the password policy. ... > security policy - account policy settings and then check ...
    (microsoft.public.win2000.group_policy)
Loading