Reset AD Users Password Expiration Date
- By : Dom
- Category : Active Directory
1.In Active directory users and computers, make sure advanced features is enabled
2.Navigate to the user account, there should be an Attribute Editor tab
3.Scroll to the pwdLastSet field. Modify it by entering 0 (zero) in the value field. Click OK. This sets the value to (Never) as in the password has never been set. Click OK on the User Account Properties box.
4.Open the User’s Account Properties again. Go back to the Attribute Editor tab. Scroll to pwdLastSet and modify it with a value of -1. Click OK twice.
5.When you view the pwdLastSet value, it will now indicate today’s date.
Conclusion
While this is not the best solution because it extends the password expiration from today’s date based on our Domain Password Policy instead of just setting it to expire in a few days time. It is better then setting then leaving it set to Never Expire and end up forgetting to change it back. Have used this for remote workers who cannot connect to the vpn as their password has expired.
No Comments