Click here to get back home

Server password age - without a policy
 HomeNewsGroups | Search | About
Login Password
Register Now!
 microsoft.public.windows.server.security    Post an article   get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content
Subject Author Date
Server password age - without a policy Hutchy 05-07-2006
Get Chitika Premium
Posted by Hutchy on May 7, 2006, 9:33 pm
Please log in for more thread options
 Hypothetically speaking...

If you have a 0 day password age policy (passwords dont expire) ...
... and you decide to make it 30 days ...

What happens to users who have passwords that havent been changed in over 30
days?

... do they get asked immediately, next logon to change their passwords?
... or will a grace period apply?

I assume its immediately, but before 2000 users scream at me, I want to know
for sure.

Thankyou.

Posted by Steven L Umbach on May 7, 2006, 11:01 pm
Please log in for more thread options
 Their passwords will immediately expire so that change is something you want
to plan for and to communicate to users. Also any user that has their
account figured for "password never expires" will not be subject to the
maximum password age. The command net user username will show when a user
last set their password and free tools like Dumpsec from SomarSoft can show
reports with such info for your users. --- Steve

http://www.somarsoft.com/ --- Dumpsec

> Hypothetically speaking...
>
> If you have a 0 day password age policy (passwords dont expire) ...
> ... and you decide to make it 30 days ...
>
> What happens to users who have passwords that havent been changed in over
> 30
> days?
>
> ... do they get asked immediately, next logon to change their passwords?
> ... or will a grace period apply?
>
> I assume its immediately, but before 2000 users scream at me, I want to
> know
> for sure.
>
> Thankyou.



Posted by Hutchy on May 7, 2006, 11:29 pm
Please log in for more thread options
Thankyou Steven. This is what I needed to know.



"Steven L Umbach" wrote:

> Their passwords will immediately expire so that change is something you want
> to plan for and to communicate to users. Also any user that has their
> account figured for "password never expires" will not be subject to the
> maximum password age. The command net user username will show when a user
> last set their password and free tools like Dumpsec from SomarSoft can show
> reports with such info for your users. --- Steve
>
> http://www.somarsoft.com/ --- Dumpsec
>
> > Hypothetically speaking...
> >
> > If you have a 0 day password age policy (passwords dont expire) ...
> > ... and you decide to make it 30 days ...
> >
> > What happens to users who have passwords that havent been changed in over
> > 30
> > days?
> >
> > ... do they get asked immediately, next logon to change their passwords?
> > ... or will a grace period apply?
> >
> > I assume its immediately, but before 2000 users scream at me, I want to
> > know
> > for sure.
> >
> > Thankyou.
>
>
>

Similar ThreadsPosted
Password Policy require server restart March 11, 2006, 9:37 am
GPO - password policy - Urgent February 2, 2006, 11:34 am
Apply or modify password policy December 26, 2006, 7:37 pm
Windows 2003 domain password policy September 26, 2006, 9:53 pm
Password Security Policy for Local on Window 2003 March 14, 2008, 4:10 pm
IAS server and group policy November 2, 2005, 11:04 am
Default domain controllers policy not applied to my server (2k3 sbs) January 3, 2006, 8:32 am
server 2000 Group policy for windows xp clients January 18, 2006, 9:59 pm
Server refreshes its security policy with wrong values July 9, 2006, 8:29 am
local security policy on windows 2003 server April 16, 2007, 10:28 am

Our other projects:

Art Dolls, Fairies and Mermaids - Sunnyfaces.net

Roy's Linux, Programming and Search Engines messages

1-Script XML SitemapXML Sitemap