account expired???

  • ciscoask@hotmail.com
  • Newbie
  • Newbie
  • ciscoask@hotmail.com
  • Posts: 7

Post 3+ Months Ago

Hi.. May I know how to check whether a Windows 2000 user account has expired from the server (and user need to change password again) ? (accont never expires is unchecked)
  • Anonymous
  • Bot
  • No Avatar
  • Posts: ?
  • Loc: Ozzuland
  • Status: Online

Post 3+ Months Ago

  • DuckIT
  • Graduate
  • Graduate
  • User avatar
  • Posts: 155
  • Loc: London, UK

Post 3+ Months Ago

If an account is expired then it will appear with a red cross on it to show it is disabled. I don't know if you can check if a password is expired though. I would right click the account and reset the password to 'password' or something, then tick the box that requires the user to change the password when they log in next (think that option is under 'account'). Then give the user the password and get them to log in and it will prompt them to change their own password.

S
  • ATNO/TW
  • Super Moderator
  • Super Moderator
  • User avatar
  • Posts: 23456
  • Loc: Woodbridge VA

Post 3+ Months Ago

Start | run type cmptmgmt.msc to bring up the management console or follow the path:
Control panel | Administrative Tools | Computer Management | Local Users and Groups | Users. Right click the users and select properties. If Password never expires is checked, then it should not expire. If account is disabled is checked, uncheck it.
---------------------------------------------------------------------------------------------
To check other password policies:
Start | run type secpol.msc to bring up local security settings console or follow the path:
Control panel | Administrative Tools | Local Security Policy
Expand Account Policies and choose password policy
Enforce password history if set to a number will force the user to choose a unique password for the next x amount of times. The default is zero
Maximum password age. The default is 42. This policy will affect any user that does not have password never expires checked/
Minimum password age. The default is 0 If set to a number, this is the minimum number of days that a user is forced to use their current password. For example if the minimum is set to five, the user can't change a new password for 5 days. (I've never found much use for this and leave it at zero)
Passwords must meet complexity requirements - If enabled passwords must include a combination of caps and small case and numbers and I believe must be at least 8 or 10 characters.
Store password using reversible encryption - I don't know of any good reason to change that from the default of disabled.

---------------------------------------------------------------------------------------------
To check other policies that can be used to manage users and accounts

Start |Run type gpedit.msc to bring up the group policy console.

There are too many settings in there that can be modified to control various things users or groups can or cannot do to enumerate in this post. Just experiment with them a little at a time.
  • ada42
  • Born
  • Born
  • ada42
  • Posts: 1

Post 3+ Months Ago

The original question has not been answered yet. It is very easy to check the status of a password. If you want to check the userid on the domain controller, open a command prompt window and type:

net user <userid> /domain

from any computer in the domain. All sorts of useful info will be listed, including the password expiry date. To check the userid on the local machine, leave off the /domain.

- Alex

Post Information

  • Total Posts in this topic: 4 posts
  • Users browsing this forum: No registered users and 25 guests
  • You cannot post new topics in this forum
  • You cannot reply to topics in this forum
  • You cannot edit your posts in this forum
  • You cannot delete your posts in this forum
  • You cannot post attachments in this forum
 
cron
 

© 1998-2014. Ozzu® is a registered trademark of Unmelted, LLC.