Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations derfloh on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Password policy: Your password will expire...

Status
Not open for further replies.
keepingbusy

keepingbusy

Programmer
Apr 9, 2000
1,470
GB
Hi

I am looking for a solution as to why we keep getting the message "Your password will expire in xx days. Do you want to change it now?" when logging on.

I note in the Microsoft Server 2003 Group Policy help file:
Maximum password age determines how many days a password can be used before the user is required to change it. The value of this setting can be between 0 and 999; if it is set to 0, passwords never expire. Setting this value too low can cause users to be frustrated; setting it too high or disabling it gives potential hackers more time to determine passwords. For most organizations, this value should be set to 42 days.
Click to expand...
I have had no problem in changing the relevant setting which has now been set to 28 days.

My question here is, what setting do I change to allow the password expiry length of time to remain at 28 days but only remind the user logging in 14 days before it is due to expire?

Some guidance would be appreciated.

Thank you.
 
Sort by date Sort by votes
Look in your Domain Policy settings on your DC.

I'm Certifiable, not cert-ified.
It just means my answers are from experience, not a book.

There are no more PDC's! There are DC's with FSMO roles!
 
Upvote 0 Downvote

Sorry Davetoo, I'm a newbie administrator. I am ok at editing the Group Policy Settings but what is DC (or is it obvious)?

Thank you
 
Upvote 0 Downvote
DC = Domain controller

Paul
MCSE 2003
MCTS:Active Directory
MCTS:Network Infrastructure
MCTS:Applications Infrastructure

If there are no stupid questions, then what kind of questions do stupid people ask? Do they get smart just in time to ask questions?
Scott Adams
 
Upvote 0 Downvote

For anyone searching this forum for a similar request as mine, the sollution was found in Group Policy > Computer Configuration > Windows Settings > Security Settings > Local Policies > Security Options > Interactive logon: Prompt user to change password before expiration (Then change the amount of days).

This setting was changed to 7 days before expiring with the actual password time of 28 days.

Thanks to those who gave me the initial help on where to look.

Hope the above helps

KB

"Alone we can do so little, together we can do so much"
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

dpellegrini
  • Locked
  • Question
Website will load using hostname but not IP address
Replies
3
Views
841
mangentle
mangentle
Mohamed-IT
  • Locked
  • Question
Windows server 2019 password locked
Replies
1
Views
151
strongm
strongm
penguinroundup
  • Locked
  • Question
programmatically delete all saved passwords for IE for any user
Replies
0
Views
188
penguinroundup
penguinroundup
TECHMAN007
  • Locked
  • Question
RD Web Password Change
Replies
0
Views
146
TECHMAN007
TECHMAN007
rrmcguire
  • Locked
  • Question
group policy to set dns
Replies
2
Views
271
rrmcguire
rrmcguire

Part and Inventory Search

Sponsor

Back
Top