Roger Abell said:
These settings will only control when the account
may log in. In order to force the account off when
outside of these times one needs to be in a domain.
Roger,
Thanks for mentioning this. I forgot to mention about this in my message.
You are right that by default this is the behaviour: if the user is already
logged on the system does not log him off. However this can be fixed by
using:
net accounts /forcelogoff:0
The above command once executed will change the default behaviour. From then
on all users will be logged out automatically once their logon time (as
specified using "net user /times:..." command) expires.
Rehan
-----------------
NET ACCOUNTS
[/FORCELOGOFF:{minutes | NO}] [/MINPWLEN:length]
[/MAXPWAGE:{days | UNLIMITED}] [/MINPWAGE:days]
[/UNIQUEPW:number] [/DOMAIN]
NET ACCOUNTS updates the user accounts database and modifies password
and logon requirements for all accounts.
When used without options, NET ACCOUNTS displays the current settings for
password, logon limitations, and domain information.
Two conditions are required in order for options used with
NET ACCOUNTS to take effect:
_ The password and logon requirements are only effective if user
accounts have been set up (use User Manager or the NET USER command).
_ The Net Logon service must be running on all servers in the domain
that verify logon. Net Logon is started automatically when Windows
starts.
/FORCELOGOFF:{minutes | NO} Sets the number of minutes a user has
before being forced to log off when the
account expires or valid logon hours expire.
NO, the default, prevents forced logoff.
/MINPWLEN:length Sets the minimum number of characters for
a password. The range is 0-14 characters;
the default is 6 characters.
/MAXPWAGE:{days | UNLIMITED} Sets the maximum number of days that a
password is valid. No limit is specified
by using UNLIMITED. /MAXPWAGE can't be less
than /MINPWAGE. The range is 1-999; the
default is 90 days.
/MINPWAGE:days Sets the minimum number of days that must
pass before a user can change a password.
A value of 0 sets no minimum time. The range
is 0-999; the default is 0 days. /MINPWAGE
can't be more than /MAXPWAGE.
/UNIQUEPW:number Requires that a user's passwords be unique
through the specified number of password
changes. The maximum value is 24.
/DOMAIN Performs the operation on a domain
controller of the current domain. Otherwise,
the operation is performed on the local
computer.