Re: When ADMIN PASSWORD has expired - stop ability to bypass chang
- From: Darrellg@xxxxxxxxxxxxxxxxxxxx ("Darrell Gorter[MSFT]")
- Date: Thu, 13 Oct 2005 00:09:42 GMT
Hello Drew,
Try looking at this article:
885119 How to set account lockout policies in Windows 2000 and Windows
Server
http://support.microsoft.com/?id=885119
Thanks,
Darrell Gorter[MSFT]
This posting is provided "AS IS" with no warranties, and confers no rights
--------------------
<Thread-Topic: When ADMIN PASSWORD has expired - stop ability to bypass
chang
<thread-index: AcXOupVb5fG8HGcARbGQDrDwzh35Hg==
<X-WBNR-Posting-Host: 69.148.72.109
<From: "=?Utf-8?B?ZGhhcmFrYWw=?=" <dharakal@xxxxxxxxxxxxxxxxxxxxxxxxx>
<References: <61CC7D94-610F-4BAD-AD2C-8A15B45E6D2F@xxxxxxxxxxxxx>
<uZx5eAnzFHA.2652@xxxxxxxxxxxxxxxxxxxx>
<Subject: Re: When ADMIN PASSWORD has expired - stop ability to bypass chang
<Date: Tue, 11 Oct 2005 16:22:01 -0700
<Lines: 45
<Message-ID: <1BBEABBD-7578-4164-83A2-177409D60E79@xxxxxxxxxxxxx>
<MIME-Version: 1.0
<Content-Type: text/plain;
< charset="Utf-8"
<Content-Transfer-Encoding: 7bit
<X-Newsreader: Microsoft CDO for Windows 2000
<Content-Class: urn:content-classes:message
<Importance: normal
<Priority: normal
<X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.0
<Newsgroups: microsoft.public.windowsxp.setup_deployment
<NNTP-Posting-Host: TK2MSFTNGXA03.phx.gbl 10.40.2.250
<Path: TK2MSFTNGXA02.phx.gbl!TK2MSFTNGXA01.phx.gbl!TK2MSFTNGXA03.phx.gbl
<Xref: TK2MSFTNGXA02.phx.gbl
microsoft.public.windowsxp.setup_deployment:142406
<X-Tomcat-NG: microsoft.public.windowsxp.setup_deployment
<
<> dharakal wrote:
<>
<> > I am configuring closed systems with highly restricted access.
<> > Part of the certification is to establish that all of the passwords
expire.
<> > Here is the situation:
<> > On a non-networked Windows XP SP2 workstation.
<> > I set the expiration of the the ADMINISTRATOR's password to 45 days.
Then I
<> > change the time to be 46 days in the future and logoff. When I log
back on,
<> > as ADMINISTRATOR, it informs me that my password has expired and
"...would I
<> > like to change it".
<> > If I answer "YES", it allows me to change the password and continues
to my
<> > desktop.
<> > If I answer "NO" it takes me to the desktop as well (re-asking the
question
<> > every time I log on).
<> > HOW do I configure the system to NOT ALLOW me to continue to the
desktop
<> > unless I change the ADMINISTRATOR Password when it has expired?
<> >
<> > TO restate the question: I need the system to NOT allow the
administrator
<> > (or any account for that matter) to be able to continue to the desktop
after
<> > the password is expired UNLESS THEY CHANGE THE PASSWORD.
<> >
<> > thanks,
<> > - Drew
<>
<> Don't you have the following option?
<>
<> 'User must change password at next logon'
<>
<- - -
<Yes, I have the option but that is neither the question nor the problem..
<
<AT LOGON
<IF an admin's password has expired
<
<THEN the dialog box asks them if they want to change it.
<IF they answer YES it gives them the dialog to change the password and
<continues on to the desktop once the password change scenario is complete.
<ELSE they answer NO and it continues to the desktop.
<
<I want to configure it so that IF they answer NO, THEN it does NOT
continue
<until they answer YES.
<Effectively enforcing that they MUST change their password if it has
expired.
<
<I don't think it's possible in the Windows World...
<- Drew
<
.
- References:
- Prev by Date: Re: Detecting SATA hard disk under windows XP
- Next by Date: RE: Licensing and Sysprep
- Previous by thread: Re: When ADMIN PASSWORD has expired - stop ability to bypass change op
- Next by thread: Re: Installing XP Pro and Windows 2000 pro
- Index(es):
Relevant Pages
|
