How to set password NEVER EXPIRES to an user account trough NET USER cmd

[nchalo]

Hi Guys! Does anyoneone can help me with his?
I'm trying to configute using Command Line (CMD) some local account configuration.
It must be configured by any standart windows command tools.
I need to configure the "Passworw Never Expires" option using the command line.
I had success by setting other options as "Account is disabled" and "User cannot change password". But this option is really making me sad.
Could someone please give me a tip!?
Thanks in advance

 

[tigsounds]

We don't do a lot of password magic here.

It's in a gray area of hacking because so many things in the Group Policy Editor have warnings that although set a certain way, a person can bypass the settings by direct methods, making enforcement of a policy ineffective.

BoM really doesn't want to be in the news headlines as the source of information someone used to break into a system using an old password that should have expired (according to the group policy), but was set to never expire by things learned here.

If you are an account holder/Administrator of the computer,
then perhaps it's best to use standard Group Policy Editor to make a password never expire.

 

[Mousemonkey]

No password hacking/cracking is to be discussed here so as long as you don't do that this thread can remain.

 

[nchalo]

Hi Guys once again! I agree with you. Security is our main concern.
I'm a system administrator in a very known company and I was trying to create a bat script that makes some configurarion tasks over a local service account that is in every server from our forest.
Anyway I found the way to perform this task.
This command must be run with a full administrator rights over the WMI.

WMIC USERACCOUNT WHERE "Name='username" SET PasswordExpires=FALSE


I'm leaving the resolution to you people. If you might consider that information is again the web policies you are welcome to delete this post.
Thanks for your time once again.
Best regards,

 

[unhappy_one]

Thank you so very much, mate!!

 

[AGTDenton]

I know it's an old topic, but I just thought I would expand upon it as I found the final solution useful (Thanks nchalo). And its one of those posts that lacks discussion but comes up top in a search result for many looking for a quick solution.

Firstly the main reason for replying, there is a small typo in the final solution, just missing a ' surrounding the username.

WMIC USERACCOUNT WHERE "Name='username'" SET PasswordExpires=FALSE

Secondly to those who are confused by why you would ever want to do this here is my reason.

If you create users via the NET USER command utility this sets the "User must change password at next logon" flag to true meaning the "Password Never Expires" flag is false. This is the opposite to creating users via the control panel.
I create kiosk based computers which includes a default user that has access to a single application, generally the user does not have access to the default Windows shell or any other application. Often there is no keyboard attached to the kiosk either. So if the password expires whilst being used it is embarrising to say the least.

So whilst my scripts originally created users via command prompt I still had to tick the Password Never Expires check box manually. I can now fully automate this procedure.