'Change Pwd Next Logon' and 'Pwd never Expires' ?

Toggle sidebar Toggle sidebar
G

Guest

Guest
Archived from groups: microsoft.public.win2000.active_directory (More info?)

Hi all,

I've an application that creates users.
But I've got a question.

I can set the 'Change Pwd at Next Logon'.
This is what I do .. and it works ;-) :
usr.pwdLastSet = -1

BUT !!!
Whenever I set the setting 'Pwd Never Expires' ... the 'Change Pwd at
Next Logon' is GONE !!! Only the 'Pwd Never Expires' setting is set.
This my script :
usr.userAccountControl = ADS_UF_NORMAL_ACCOUNT +
ADS_UF_DONT_EXPIRE_PASSWD
usr.pwdLastSet = -1

So, After this code the 'Change Pwd at Next Logon' is NOT set !
Why ?
Can't they be set togother ??

Thanks for any help !
Marc.
 
G

Guest

Guest
Archived from groups: microsoft.public.win2000.active_directory (More info?)

Try it in the GUI. You can't set both.
Anthony


"Schmidtmayer Marc" <marc.schmidtmayer@gb.be> wrote in message
news:6ba0254d.0411252238.112a6c0@posting.google.com...
> Hi all,
>
> I've an application that creates users.
> But I've got a question.
>
> I can set the 'Change Pwd at Next Logon'.
> This is what I do .. and it works ;-) :
> usr.pwdLastSet = -1
>
> BUT !!!
> Whenever I set the setting 'Pwd Never Expires' ... the 'Change Pwd at
> Next Logon' is GONE !!! Only the 'Pwd Never Expires' setting is set.
> This my script :
> usr.userAccountControl = ADS_UF_NORMAL_ACCOUNT +
> ADS_UF_DONT_EXPIRE_PASSWD
> usr.pwdLastSet = -1
>
> So, After this code the 'Change Pwd at Next Logon' is NOT set !
> Why ?
> Can't they be set togother ??
>
> Thanks for any help !
> Marc.
 
G

Guest

Guest
Archived from groups: microsoft.public.win2000.active_directory (More info?)

This action is by design.

This is also the same reaction you will get within the GUI if you attempt
to set both of these properties. The error message you get if you attempt
this is: You have selected 'Password never expires'. The user will not be
required to change the password at next logon. Within the GUI it will
automatically deselect the "User must change password at next logon"
checkbox.

Best regards,

Gregory Robb [MSFT]

This posting is provided "AS IS" with no warranties, and confers no rights.


--------------------
> From: marc.schmidtmayer@gb.be (Schmidtmayer Marc)
> Newsgroups: microsoft.public.win2000.active_directory
> Subject: 'Change Pwd Next Logon' and 'Pwd never Expires' ?
> Date: 25 Nov 2004 22:38:56 -0800
> Organization: http://groups.google.com
> Lines: 23
> Message-ID: <6ba0254d.0411252238.112a6c0@posting.google.com>
> NNTP-Posting-Host: 195.234.145.3
> Content-Type: text/plain; charset=ISO-8859-1
> Content-Transfer-Encoding: 8bit
> X-Trace: posting.google.com 1101451137 28482 127.0.0.1 (26 Nov 2004
06:38:57 GMT)
> X-Complaints-To: groups-abuse@google.com
> NNTP-Posting-Date: Fri, 26 Nov 2004 06:38:57 +0000 (UTC)
> Path:
cpmsftngxa10.phx.gbl!TK2MSFTFEED02.phx.gbl!tornado.fastwebnet.it!tiscali!new
sfeed1.ip.tiscali.net!news.glorb.com!postnews.google.com!not-for-mail
> Xref: cpmsftngxa10.phx.gbl microsoft.public.win2000.active_directory:94529
> X-Tomcat-NG: microsoft.public.win2000.active_directory
>
> Hi all,
>
> I've an application that creates users.
> But I've got a question.
>
> I can set the 'Change Pwd at Next Logon'.
> This is what I do .. and it works ;-) :
> usr.pwdLastSet = -1
>
> BUT !!!
> Whenever I set the setting 'Pwd Never Expires' ... the 'Change Pwd at
> Next Logon' is GONE !!! Only the 'Pwd Never Expires' setting is set.
> This my script :
> usr.userAccountControl = ADS_UF_NORMAL_ACCOUNT +
> ADS_UF_DONT_EXPIRE_PASSWD
> usr.pwdLastSet = -1
>
> So, After this code the 'Change Pwd at Next Logon' is NOT set !
> Why ?
> Can't they be set togother ??
>
> Thanks for any help !
> Marc.
>
 
G

Guest

Guest
Archived from groups: microsoft.public.win2000.active_directory (More info?)

this 2 properties will not work together. not even from GUI.


--
Andrei Ungureanu
www.eventid.net
Free Windows event logs reports
http://www.altairtech.ca/evlog/

"Anthony Yates" <anthony.spam@spammedout.com> wrote in message
news:O8953f50EHA.2716@TK2MSFTNGP14.phx.gbl...
> Try it in the GUI. You can't set both.
> Anthony
>
>
> "Schmidtmayer Marc" <marc.schmidtmayer@gb.be> wrote in message
> news:6ba0254d.0411252238.112a6c0@posting.google.com...
>> Hi all,
>>
>> I've an application that creates users.
>> But I've got a question.
>>
>> I can set the 'Change Pwd at Next Logon'.
>> This is what I do .. and it works ;-) :
>> usr.pwdLastSet = -1
>>
>> BUT !!!
>> Whenever I set the setting 'Pwd Never Expires' ... the 'Change Pwd at
>> Next Logon' is GONE !!! Only the 'Pwd Never Expires' setting is set.
>> This my script :
>> usr.userAccountControl = ADS_UF_NORMAL_ACCOUNT +
>> ADS_UF_DONT_EXPIRE_PASSWD
>> usr.pwdLastSet = -1
>>
>> So, After this code the 'Change Pwd at Next Logon' is NOT set !
>> Why ?
>> Can't they be set togother ??
>>
>> Thanks for any help !
>> Marc.
>
>
 
G

Guest

Guest
Archived from groups: microsoft.public.win2000.active_directory (More info?)

Marc,

To clarify this a bit more.........

The "change password at next logon" check box actually expires the password
by setting pwdLastSet = 0 see
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/adsi/adsi/user_must_change_password_at_next_logon.asp
By setting the "password never expires" flag, this not only sets a specific
value on useraccountcontrol (ADS_UF_DONT_EXPIRE_PASSWD), it also unexpires
the password by setting the pwdlastset to the current time (not very well
documented...i agree)

this is definately by design as Greg indicated.


--
Glenn L

CCNA, MCSE (2000,2003) + Security
"Greg Robb" <a-grobb@online.microsoft.com> wrote in message
news:BfVPng50EHA.3436@cpmsftngxa10.phx.gbl...
> This action is by design.
>
> This is also the same reaction you will get within the GUI if you attempt
> to set both of these properties. The error message you get if you attempt
> this is: You have selected 'Password never expires'. The user will not be
> required to change the password at next logon. Within the GUI it will
> automatically deselect the "User must change password at next logon"
> checkbox.
>
> Best regards,
>
> Gregory Robb [MSFT]
>
> This posting is provided "AS IS" with no warranties, and confers no
> rights.
>
>
> --------------------
>> From: marc.schmidtmayer@gb.be (Schmidtmayer Marc)
>> Newsgroups: microsoft.public.win2000.active_directory
>> Subject: 'Change Pwd Next Logon' and 'Pwd never Expires' ?
>> Date: 25 Nov 2004 22:38:56 -0800
>> Organization: http://groups.google.com
>> Lines: 23
>> Message-ID: <6ba0254d.0411252238.112a6c0@posting.google.com>
>> NNTP-Posting-Host: 195.234.145.3
>> Content-Type: text/plain; charset=ISO-8859-1
>> Content-Transfer-Encoding: 8bit
>> X-Trace: posting.google.com 1101451137 28482 127.0.0.1 (26 Nov 2004
> 06:38:57 GMT)
>> X-Complaints-To: groups-abuse@google.com
>> NNTP-Posting-Date: Fri, 26 Nov 2004 06:38:57 +0000 (UTC)
>> Path:
> cpmsftngxa10.phx.gbl!TK2MSFTFEED02.phx.gbl!tornado.fastwebnet.it!tiscali!new
> sfeed1.ip.tiscali.net!news.glorb.com!postnews.google.com!not-for-mail
>> Xref: cpmsftngxa10.phx.gbl
>> microsoft.public.win2000.active_directory:94529
>> X-Tomcat-NG: microsoft.public.win2000.active_directory
>>
>> Hi all,
>>
>> I've an application that creates users.
>> But I've got a question.
>>
>> I can set the 'Change Pwd at Next Logon'.
>> This is what I do .. and it works ;-) :
>> usr.pwdLastSet = -1
>>
>> BUT !!!
>> Whenever I set the setting 'Pwd Never Expires' ... the 'Change Pwd at
>> Next Logon' is GONE !!! Only the 'Pwd Never Expires' setting is set.
>> This my script :
>> usr.userAccountControl = ADS_UF_NORMAL_ACCOUNT +
>> ADS_UF_DONT_EXPIRE_PASSWD
>> usr.pwdLastSet = -1
>>
>> So, After this code the 'Change Pwd at Next Logon' is NOT set !
>> Why ?
>> Can't they be set togother ??
>>
>> Thanks for any help !
>> Marc.
>>
>
 
You must log in or register to reply here.

TRENDING THREADS

Latest posts

Moderators online

Share this page

COMPANY
RESOURCES
FOLLOW
Top Bottom