Re: AD Script to set passwords to expire in 10 days
- From: "Joe Kaplan" <joseph.e.kaplan@xxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Thu, 4 Jan 2007 16:32:12 -0600
Can't be done. You can't set the pwdLastSet attribute to a specific date.
You can only set it to 0, which is essentially "password must be changed at
next logon", or -1 which set the date to "now". If you set the value to -1
and changed your domain pwd policy so that passwords expire in 10 days, then
everyone's password would expire in 10 days, so that might get you what you
want.
You also need to make sure that all users who will expire are NOT set to
"password never expires".
Joe K.
--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services Programming"
http://www.directoryprogramming.net
--
"Andrea" <ahayworth@xxxxxxxxxxxxxx> wrote in message
news:1167949045.285887.122940@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Good Afternoon,
I have been asked to write an AD script that will set the user accounts
of an OU to expire in 10 days. I found a script that showed how to set
a password to expire now, but I need the 10 day warning. Does anyone
know how to do this?
Thanks! :)
.
- Follow-Ups:
- Re: AD Script to set passwords to expire in 10 days
- From: Jorge Silva
- Re: AD Script to set passwords to expire in 10 days
- References:
- AD Script to set passwords to expire in 10 days
- From: Andrea
- AD Script to set passwords to expire in 10 days
- Prev by Date: Re: In domain.company.com "domain" is not technically a child in a single domain 1 DC AD?
- Next by Date: Re: AD Script to set passwords to expire in 10 days
- Previous by thread: AD Script to set passwords to expire in 10 days
- Next by thread: Re: AD Script to set passwords to expire in 10 days
- Index(es):
Relevant Pages
|
Loading
