Re: How to get IIS5 functional again

From: Michel Gallant (neutron@istar.ca)
Date: 05/31/02 

Date: Fri, 31 May 2002 13:50:44 -0400
From: Michel Gallant <neutron@istar.ca>

OK this is starting to look like the right area direction:

I just checked these settings, and the following USER accounts all
look configured the same (same when viewed as Power User or admin):
  IUSR_MGALLANT
  ASPNET
  IWAM_MGALLANT

all these have all boxes greyed out, except for the "Account is disabled"
box which itself is NOT checked.
-- ----Greyed out Boxes and status ---------
 User Must Change Password ---- checked
 User Cannot Change Password --- checked
 Password Never Expires --- NOT checked
 Account is Locked Out ---- NOT checked

also, the GUEST account is disabled. My own power user account
does not have any boxes greyed out.

So I obviously cannot change the "user must change password .." box.
I think this is related to some setting configured via Baseline Security
Analyzer actions.

Any further ideas?
Thanks for the time to help me sort this out.
 - Mitch Gallant

Ned Flanders wrote:

> I think you may have answered your own question :-)
> Start | Run
> compmgmt.msc
> (I have some issues with using menus....)
> Local Users and Groups
> Users
> Double-click IUSR_MGALLANT
> Un-check the "user must change password at next logon" checkbox.
> If "password never expires" is checked, the above will be greyed out.
> Uncheck the "never expires" box to enable the control.
>
> Reboot.
>
> You should be OK after that.
>
> hth
> Curtis
> > ---- System Log -------
> > Warning: W3SVC: "The server was unable to logon the Windows NT account
> 'IUSR_MGALLANT'
> > due to the following error: The user's password must be changed before
> logging on the first time.

Relevant Pages

  • Re: Password expires for no apparent reason
    ... Run net accounts on the client machine to see what the settings are set ... Were any settings within any policy set at the domain level have any ... As Harj said Account lockouts could potentially be a problem as perhaps ... Password expires for no apparent reason ...
    (microsoft.public.windows.server.active_directory)
  • Re: Password expires for no apparent reason
    ... Run net accounts on the client machine to see what the settings are set ... Were any settings within any policy set at the domain level have any ... As Harj said Account lockouts could potentially be a problem as perhaps ... Password expires for no apparent reason ...
    (microsoft.public.windows.server.active_directory)
  • Re: User Locked Out
    ... > You Are Locked Out of Your Account When You Try to Change Your Expired Password ... > | X Password never expires ... > | User may change password Yes ... do I have to reformat and reinstall windows almost every month? ...
    (microsoft.public.windowsxp.security_admin)
  • Re: Wierd permissions on user accounts
    ... That said, as I mentioned earlier, your permissions are bad. ... *nobody* will be able to change password on the account. ... I have the following deny rules.. ...
    (microsoft.public.windows.server.active_directory)
  • Re: Wierd permissions on user accounts
    ... If you put in DENY EVERYONE change password, then nobody will ever be able ... > created account and the permissions on that same account after using the ...
    (microsoft.public.windows.server.active_directory)