Archived from groups: microsoft.public.win2000.security (
More info?)
Thanks for the information. That is what I was looking for!
Jeff
"Steven L Umbach" wrote:
> OK. Sorry I misunderstood. This method will work but requires that you have
> an XP Pro computer on the domain. Assuming you do and it is a known secure
> workstation [because you will need to logon as a domain admin], install
> adminpak for Windows 2003 and install it on the XP Pro computer. You can
> then use the Active Directory command line tools on your Windows 2000
> domain. To change the administrator account to never expire use this command
> [ dsmod user cn=administrator,cn=users,dc=mydomain,dc=com -pwdneverexpires
> yes ]. This example assumes the administrator account is in the default
> users container and the domain name is just an example of mydomain.com which
> of course you would want to change to your own domain. I personally find the
> command line tools very hand in a Windows 2000 domain but if you do not want
> to use them then uninstall adminpak from that computer. For example the
> command [ dsquery user -stalepwd 40 ] will find all the users that have not
> changed their passwords in the last 40 days or you can enumerate all the
> groups a user is in directly or also via nesting. The link below explains
> more about these commands. --- Steve
>
>
http://www.microsoft.com/windowsxp/home/using/productdoc/en/default.asp?url=/windowsxp/home/using/productdoc/en/DS_command_line_tools.asp
>
> "Jeff" <Jeff@discussions.microsoft.com> wrote in message
> news:49051F43-0A5D-4646-87E6-DAFA29DDC99C@microsoft.com...
> >I want to be able to set the option to have my password never expire. It
> >is
> > expiring already, every 14 days or so, and the option to set to to never
> > expire is grayed out.
> >
> > Jeff
> >
> > "Steven L Umbach" wrote:
> >
> >> I believe that is normal in Windows 2000 in that the built in
> >> administrator
> >> account for the domain can never expire. That account should be
> >> configured
> >> with a very complex password and you will just have to remember to change
> >> it
> >> periodically. --- Steve
> >>
> >>
> >> "Jeff" <Jeff@discussions.microsoft.com> wrote in message
> >> news:5218E805-0514-4A9C-BE0A-1C3940B8268A@microsoft.com...
> >> >I have a Windows 2000 server running Active Directory, and on the
> >> > Administrator account for the server, the option to have the password
> >> > never
> >> > to expire is grayed out. I would like to be able to set this option,
> >> > but
> >> > it
> >> > will not let me. Any help would be appreciated. Thanks.
> >> >
> >> > Jeff
> >>
> >>
> >>
>
>
>