locked
Password expiration RRS feed

  • Question

  • Hi. I've got one question regarding domain user password expiration. If user gets message "your password is expired", but doesn't change it, and  administrator  check's  box  "password never expires" in user account properties, what happens?

    P.S. just haven't got possibility to test it now...

     

    Wednesday, July 21, 2010 5:53 AM

Answers

  • Hi ,

    I think it will enforce the old policy and new will get done on that user also this is not Active Directory Forum kindly post it on AD Forum as well.

     

    Regards.

    Shafaquat Ali.


    M.C.I.T.P Exchange 2007/2010, M.C.I.T.P Windows Server 2008, M.C.T.S OCS Server 2007 R2, Phone: +923008210320
    • Marked as answer by Rubel Khan Sunday, July 25, 2010 4:21 AM
    Wednesday, July 21, 2010 8:58 AM
  • If the password expires and the user does not log in, then when the
    admin sets "password never expires," then the user should be able to log
    in with the old password.
     
    This is somewhat tricky as terminal services connections will not allow
    the user to authenticate (connections with NLA will fail directly) and
    change the password whereas an interactive session would force the user
    to change the password before getting to the desktop.
     

    -- Mike Burr
    • Marked as answer by Rubel Khan Sunday, July 25, 2010 4:21 AM
    Wednesday, July 21, 2010 3:43 PM

All replies

  • Hi ,

    I think it will enforce the old policy and new will get done on that user also this is not Active Directory Forum kindly post it on AD Forum as well.

     

    Regards.

    Shafaquat Ali.


    M.C.I.T.P Exchange 2007/2010, M.C.I.T.P Windows Server 2008, M.C.T.S OCS Server 2007 R2, Phone: +923008210320
    • Marked as answer by Rubel Khan Sunday, July 25, 2010 4:21 AM
    Wednesday, July 21, 2010 8:58 AM
  • If the password expires and the user does not log in, then when the
    admin sets "password never expires," then the user should be able to log
    in with the old password.
     
    This is somewhat tricky as terminal services connections will not allow
    the user to authenticate (connections with NLA will fail directly) and
    change the password whereas an interactive session would force the user
    to change the password before getting to the desktop.
     

    -- Mike Burr
    • Marked as answer by Rubel Khan Sunday, July 25, 2010 4:21 AM
    Wednesday, July 21, 2010 3:43 PM