Active Directory password expired. If I set it to never expire, can the user keep the same password?

windows active-directory password
28,264

Solution 1

Yes, I have done this many times. If the password is already expired, checking the "Password Never Expires" checkbox will un-expire the password until the user is located on a site with a DC.

Solution 2

To keep the old expired password simply reset it using the management console and set it to never expire, as you said. I will not go into all the reasons most of us would not do so, as I assume you have your own reasons for doing what you do.

Solution 3

While not a direct answer to your question. This is how you take care of the cached credentials being out of sync when a user is using vpn.

Go ahead and reset her password for her - but don't force change on next login. Have her log into the laptop with the current cached credentials, then VPN into your network. once she is vpn'd in have her lock the computer, then unlock the computer with the NEW credentials. This will update the local cache and allow her to log into the machine with then new password, and let you NOT set the password never expires flag. She could continue to use that password until it expires like normal.

Share:
28,264

Related videos on Youtube

Carl C
Author by

Carl C

Updated on September 17, 2022

Comments

  • Carl C
    Carl C almost 2 years

    One of our users is currently overseas, and her Active Directory domain password expired. She's logging on with a laptop using cached credentials and (non-AD integrated) VPN, but she can't logon to file shares or Outlook with the expired password. If I change the password, I'm concerned it's going to create cached logon problems for her with the laptop, which I won't be able to fix while she's eight time zones away. The flag that says she must change her password is already set. If I set her password to never expire, will that prevent her from having to change the password, or must she change it no matter what I do?

    A similar question here indicates that setting the account to Never Expire would work, but I'd like some confirmation.

    Edit: The password never expire setting would only be in place until she returns to the office. I'm just trying to allow her back into the system while she's away, without making the problem worse.

    Final edit: Setting the "Never expire" flag fixed the problem. The user will keep her existing password until she returns next week.

  • MDMarra
    MDMarra almost 15 years
    He actually listed them in the original post, so there's no need to assume anything.
  • Nasko
    Nasko almost 15 years
    If the DC to be reachable over the VPN (which is a requirement for the lock/unlock suggestion that you have), why not just go ahead and change the password? Doing the change password will still cache the new password, so cached logons will work fine.
  • jscott
    jscott over 12 years
    Even though this doesn't answer the OP's question, if you want to just copy/paste code from MSDN, or other sites, please at least attribute the source.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Change an Active Directory password in C#
How to find two months old password users in a Windows domain?
Invalid Characters for an NT Password
User can't change password due to complexity
How do you manage service account credentials (passwords)?
disable maximum password length on Windows Server
Joining an Active Directory domain using netdom
Domain Suffix added to DNS Queries
How to get user password expiration date from Active Directory?
Using powershell I'd like to get a list of people who have admin privileges for a domain?