Yeah. I still go through the problem of user's passwords expiring and them not able to access network resources. I typically have them pull up a command prompt and attempt to access a mapped drive from the command prompt to ensure they have just had a password expiration. Or I just tell them that I think their password has expired and they should change it. 99.999% of the time that's the problem and a new password fixes it. I still have to tell them *why* they can't access the network resource though. L
John-AldrichTile-Tools From: Devin Meade [mailto:devin.me...@gmail.com] Sent: Tuesday, June 15, 2010 3:23 PM To: NT System Admin Issues Subject: Re: Password policy enforcement after a change Hmm we did that ~ 2 yrs ago. We used to assign passwords but *finally* sold it to upper mgt to do it via Active Dir and the built in complexity policy (2003 native mode). It went pretty well, nobody lost access, they had to change their passwords at next logon. We announced it well before hand (many times). Still had much wailing and gnashing of teeth but it's been worth it! We even went through the expiry of passwords and peeps were able to change them (mostly no hand holding). We added the accountinfo.dll or whatever it is called to see when passwords were set on the DC's for each acct. On Tue, Jun 15, 2010 at 2:11 PM, Ben Scott <mailvor...@gmail.com> wrote: Hello, list, After years of lobbying on my part, I have finally gotten top management at %WORK% to approve a company password policy, complete with enforcement via Active Directory/Group Policy. (And there was much rejoicing!) I know we have people who have never changed their password since they were hired in 2001. When we suddenly go from "No password expiration" to "X days", at their next logon, they'll be prompted to change their password. However, until they logoff/logon, the system won't prompt them. My question is: Will they have trouble accessing resources until they change their password? I've never tried to use a Windows domain with an 8-year-expired password before. Win 2000 AD server, Win XP Pro SP3 clients. (Yes I know Win2K has five weeks until EOL. I'm working on it. Budget priorities, bad economy, yadda yadda.) -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
<<image001.jpg>>
<<image002.jpg>>
