Re: Password Nerver Expires ACLs
From: Joe Richards [MVP] (humorexpress_at_hotmail.com)
Date: 01/31/04
- Previous message: Joe Richards [MVP]: "Re: "account unknown" on acl cannot be removed without blocking inheritence"
- In reply to: Jay Knowlton: "Password Nerver Expires ACLs"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 30 Jan 2004 23:42:52 -0500
You have to modify the permissions on the useraccountcontrol attribute,
unfortunately doing that will mean only domain admins can effectively create
an ID because they would be the only ones who could do the required enable
after the password was set.
-- www.joeware.net "Jay Knowlton" <jdk@zhonka.net> wrote in message news:63e301c3e5fb$d214b3f0$a501280a@phx.gbl... > How can I change the default ACLs for the account creation > process in a Windows 2000 Domain so that the only users > that have rights to check/uncheck the Password Never > Expires checkbox are members of the Domain Admins Security > group? > > Also, can changing the security of this checkbox on all > existing user objects be scripted? > > Thanks! - Jay Knowlton
- Previous message: Joe Richards [MVP]: "Re: "account unknown" on acl cannot be removed without blocking inheritence"
- In reply to: Jay Knowlton: "Password Nerver Expires ACLs"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
