Recipe 6.22 Preventing a User s Password from Expiring

Recipe 6.22 Preventing a User's Password from Expiring

6.22.1 Problem

You want to prevent a user's password from expiring.

6.22.2 Solution

6.22.2.1 Using a graphical user interface
  1. Open the Active Directory Users and Computers snap-in.

  2. In the left pane, right-click on the domain and select Find.

  3. Select the appropriate domain beside In.

  4. Beside Name, type the name of the user you want to modify and click Find Now.

  5. In the Search Results, double-click on the user.

  6. Click the Account tab.

  7. Under Account options, check the box beside Password never expires.

  8. Click OK.

6.22.2.2 Using a command-line interface
> dsmod user "<UserDN>" -pwdneverexpires yes
6.22.2.3 Using VBScript
' This code sets a users password to never expire ' See Recipe 4.12 for the code for the CalcBit function ' ------ SCRIPT CONFIGURATION ------ strUserDN = "<UserDN>"  ' e.g. cn=rallen,ou=Sales,dc=rallencorp,dc=com ' ------ END CONFIGURATION --------- intBit = 65536 strAttr = "userAccountControl" set objUser = GetObject("LDAP://" & strUserDN) intBitsOrig = objUser.Get(strAttr) intBitsCalc = CalcBit(intBitsOrig, intBit, TRUE) if intBitsOrig <> intBitsCalc then    objUser.Put strAttr, intBitsCalc    objUser.SetInfo    WScript.Echo "Changed " & strAttr & " from " & _                 intBitsOrig & " to " & intBitsCalc else    WScript.Echo "Did not need to change " & strAttr & " (" & _                 intBitsOrig & ")" end if

6.22.3 Discussion

Setting a user's password to never expire overrides any password aging policy you've defined in the domain. To disable password expiration, you need to set the bit equivalent of 65536 (i.e., 10000000000000000) in the userAccountControl attribute of the target user.

6.22.4 See Also

Recipe 4.12 for more on modifying a bit-flag attribute and Recipe 6.24 for more on setting the userAccountControl attribute



Active Directory Cookbook
Active Directory Cookbook, 3rd Edition
ISBN: 0596521103
EAN: 2147483647
Year: 2006
Pages: 456

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net