Expiring inactive accounts

From: "dubaisans dubai" <dubaisans@xxxxxxxxx>
Date: Wed, 20 Dec 2006 10:31:29 +0530

I want to ensure that Windows 2000 domain users who are not logging in
for 60 days cannot login after that without admin intervention.

In Windows NT 4.0 I used to enable the checkbox "User must login to
change password" and had a password expiry of 60 days. So if somebody
did not change password in 60 days and came later he could not login.
administrator had to reset his expired password

In Windows 2000 how do I achieve this ? I donot see this option "User
must login to change password" anywhere. I have set the password
expiry for 60 days. But somebody who logs in after 90 days also can
use his old password , immediately change to new one and login
successfully.

or is there a better way in Windows 2000 to automatically disable
inactive accounts ?

Follow-Ups:
- Re: Expiring inactive accounts
  - From: Zakar Miklos
- Re: Expiring inactive accounts
  - From: Noaman Khan

Prev by Date: RE: U3 TEchnology was RE: strange new virus
Next by Date: Re: Expiring inactive accounts
Previous by thread: Strange modifications to HD
Next by thread: Re: Expiring inactive accounts
Index(es):
- Date
- Thread

Relevant Pages

Re: Expiring inactive acounts
... Microsoft took that option away with 2K due to various implementation issues. ... Joe Richards Microsoft MVP Windows Server Directory Services ... In Windows NT 4.0 I used to enable the checkbox "User must login to ... change password" and had a password expiry of 60 days. ...
(microsoft.public.win2000.security)
Re: Expiring inactive accounts
... domain security policy is set to Maximum password age for 60 days. ... In Windows NT 4.0 I used to enable the checkbox "User must login to ... did not change password in 60 days and came later he could not login. ... In Windows 2000 how do I achieve this? ...
(Focus-Microsoft)
RE: Password never set - locked out of Windows XP Home
... Ran fixboot last night, and although the system said it had fixed the boot ... I am still stuck in the redundant loop of getting to a pop-up login ... only to not have it shutdown but instead pop back up with the same login box. ... my Windows XP Home system worked great. ...
(microsoft.public.windowsxp.accessibility)
Re: User Password at next logon
... > I have a windows 2000 domain controller. ... > option I could login to the system with the old assigned password. ... You haven't also selected "user cannot change password" or "password never ...
(microsoft.public.exchange2000.clients)
Re: sp_revoke login is not working as expected.
... EXEC xp_logininfo 'MyDomain\SomeUserAccount','members' ... Try specifying a group member rather than the group. ... This should list the Windows groups the user can connect with. ... connect with the non-existing login. ...
(microsoft.public.sqlserver.security)