Hello,
Thanks for your response.
From your reply, I am not sure if you have run RSOP on the client to see if
the policy is applying.
If the problem persists, please turn on the following group policy to see
if it can help:
Computer\Administrative Templates\System\logon\Always wait for the network
at computer startup and logon
313194: No Password Expiration Notice Is Presented During the Logon Process
http://support.microsoft.com/kb/313194/en-us
Thanks & Regards,
Ken Zhao
Microsoft Online Support
Microsoft Global Technical Support Center
Get Secure! -
www.microsoft.com/security <
http://www.microsoft.com/security>
====================================================
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
====================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
--------------------
| Thread-Topic: XP User not notified of upcoming domain password expiration
| thread-index: Acd8OZfsNQ/CJJBbSxCVQ0DTp8w/5A==
| X-WBNR-Posting-Host: 207.46.198.15
| From: =?Utf-8?B?Um9iZXJ0IEE=?= <
[email protected]>
| References: <
[email protected]>
<IaUN2x#
[email protected]>
| Subject: RE: XP User not notified of upcoming domain password expiration
| Date: Wed, 11 Apr 2007 06:02:00 -0700
| Lines: 87
| Message-ID: <
[email protected]>
| MIME-Version: 1.0
| Content-Type: text/plain;
| charset="Utf-8"
| Content-Transfer-Encoding: 7bit
| X-Newsreader: Microsoft CDO for Windows 2000
| Content-Class: urn:content-classes:message
| Importance: normal
| Priority: normal
| X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.2757
| Newsgroups: microsoft.public.windowsxp.general
| Path: TK2MSFTNGHUB02.phx.gbl
| Xref: TK2MSFTNGHUB02.phx.gbl microsoft.public.windowsxp.general:65928
| NNTP-Posting-Host: tk2msftsbfm01.phx.gbl 10.40.244.148
| X-Tomcat-NG: microsoft.public.windowsxp.general
|
|
| I have followed your suggestions but there is no change in the situation.
|
|
| The PC was rebooted the previous night, as part of normal procedure, so I
| don't think this tip is applicable.
|
| > ""Ken Zhao [MSFT]"" wrote:
| >
| > Based on my experience, if the machine has not been rebooted or the
user
| > account has not been logged off, it will not prompt a notification of
| > password expiration until you logoff the current user.
|
|
| There is no defined Group Policy Object setting for: "Interactive logon:
| Prompt user to change password before expiration." In my experience
if
| the setting is Not Defined then it will take the default value (which in
this
| case is 14 days).
|
| I ran the RSOP to determine this. (I also maintain the GPOs so I am
aware
| of most settings that we have defined.)
|
| > Based on the current situation, please help me confirm the RSOP result
on
| > DC is the same as client.
|
|
| We did check the PC client and this setting is defined as 14 days.
|
| > Meanwhile, please check the Local Policies\Security Options\Interactive
| > logon: Prompt user to change password before expiration option to see
if it
| > has been configured to 14 days.
| >
| >
| >
| > --------------------
| > | Thread-Topic: XP User not notified of upcoming domain password
expiration
| > | thread-index: Acd7n+7uWqlrhPqRRD22avgRnnHq9Q==
| > | X-WBNR-Posting-Host: 68.73.75.192
| > | From: =?Utf-8?B?Um9iZXJ0IEE=?= <
[email protected]>
| > | Subject: XP User not notified of upcoming domain password expiration
| > | Date: Tue, 10 Apr 2007 11:42:04 -0700
| > | Lines: 25
| > | Message-ID: <
[email protected]>
| > | MIME-Version: 1.0
| > | Content-Type: text/plain;
| > | charset="Utf-8"
| > | Content-Transfer-Encoding: 7bit
| > | X-Newsreader: Microsoft CDO for Windows 2000
| > | Content-Class: urn:content-classes:message
| > | Importance: normal
| > | Priority: normal
| > | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.2757
| > | Newsgroups: microsoft.public.windowsxp.general
| > | Path: TK2MSFTNGHUB02.phx.gbl
| > | Xref: TK2MSFTNGHUB02.phx.gbl microsoft.public.windowsxp.general:65600
| > | NNTP-Posting-Host: tk2msftsbfm01.phx.gbl 10.40.244.148
| > | X-Tomcat-NG: microsoft.public.windowsxp.general
| > |
| > | On several laptop XP clients in our domain, the user is not notified
of
| > his
| > | upcoming password expiration for the domain.
| > |
| > | I have checked these things:
| > | - The user is connected to the corporate network
| > | - The user is not logging on with cached credentials.
| > | - The computer policy is set to 14 days:
| > | \Computer Configuration\Windows Settings\Security Settings\Local
| > | Policies\Security Options\
| > | - The registry on the PC shows the same setting of 14 days:
| > | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows
| > | NT\CurrentVersion\Winlogon\passwordexpirywarning
| > |
| > |
| > |
| > | Upon the expiration of the password, the client Event Viewer shows
Event
| > | 535, "The specified account's password has expired."
| > |
| > | Most users in the environment receive password expiration
notifications,
| > | beginning 14 days prior to the expiration (so it is not a domain-wide
| > | problem).
| > |
| > | Suggestions for how to resolve this problem? (One thing that makes
it
| > | difficult to reproduce, is there's no way to set an test Active
Directory
| > | account so that it will expire in a few days.)
| > |
| >
| >
|