Password Change Policy

[Simon Church]

Hello,

we have a single windows 2000 AD Domain, with approx 400
users spread over 4 sites. I am looking for options in
setting up a password change policy. I want to have the
ability to change our user accounts on a regular basis
without impacting our service accounts. This seems to rule
out changing the maximum password age in the DOmain
Security Policy, unless the "password never expires"
setting overrides this. Does anyone know if this is the
case.

Is there a way to change the "user must change password at
next logon" setting for multiple users at a single time?
Can it be done through a Group POlicy or by selecting a
large number of users at once? Alternatively, is there a
way to set a date, for multiple users, when their
passwords will expire?

Any suggestions for setting up a flexible password change
policy would be really appreciated.

Thanks,

Simon

 

[Danny Sanders]

This seems to rule

out changing the maximum password age in the DOmain
Security Policy, unless the "password never expires"
setting overrides this. Does anyone know if this is the
case.

You can set the password never expires attribute on the accounts services
use.

Is there a way to change the "user must change password at
next logon" setting for multiple users at a single time?

AFAIK you can't do this without a third party app.


Alternatively, is there a

way to set a date, for multiple users, when their
passwords will expire?

You can set a time interval but not a date.

Password policies are one to a domain. It will affect all accounts except
the ones with password never expires.

hth
DDS W 2k MVP MCSE

 

[Chriss3]

See my answer to your other post in win2000.group_policy