Skip to main content

How to Change the Time to Warn a User to Change Password Before Expiration

 How to Change the Time to Warn a User to Change Password Before Expiration


 Information
If you have password expiration enabled, then this will show you how to change how far in advance (in days) users are warned that their password is about to expire.

 Warning
You can only do this while logged in as an administrator.

OPTION ONE
Through Local Security Policy Manager

NOTE: This option is only available for the Windows 7 ProfessionalUltimate, and Enterprise editions.
1. If you have not already, you must enable password expiration for each user account that you want to have their password expire for that user to be able to get a warning that their password will expire before the maximum password age has been reached.

2. Open the Local Security Policy editor.

3. In the left pane, expand Local Policies, and click on Security Options. (see screenshot below)



4. In the right pane, double click on Interactive logon: Prompt user to change password before expiration. (see screenshot above)

5. Type in how many days you want Windows 7 to begin prompting users to change their password before it expires, then click on OK. (see screenshot below)




6. Close the Local Security Policy editor.


OPTION TWO
Through Registry Editor

NOTE: This option is available for all Windows 7 editions.1. If you have not already, you must enable password expiration for each user account that you want to have their password expire for that user to be able to get a warning that their password will expire before the maximum password age has been reached.

2. Open the Start Menu, then type regedit in the search box and press enter.

3. If prompted by UAC, then click on Yes.

4. In regedit, navigate to the location below: (see screenshot below)




HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon

5. In the right pane of Winlogon, double click on PasswordExpiryWarning. (see screenshot above)

6. Select (dot) Decimal, then type in how many days you want Windows 7 to begin prompting users to change their password before it expires and click on OK. (see screenshot below)

7. Close regedit.

8. Restart the computer to fully apply.

-------

A change in Windows 7 & Vista is exist.

Question:

We're a Windows 7 (pre-SP1) DLF is 2003

We updated our GPO recently to expire passwords after 90 days and warn users 10 days before. Our expectation was that Windows 7 would behave similarly to Windows XP:

  1. User logs on
  2. Windows warns that the password will expire in N days and offer the user the option to change it now or later
  3. User clicks no and they login; or they click yes and they change their password.

We tested this change with an account that is five days away from expiring, and we're not seeing any of that. Instead, the account logs on prompt-free and we get this teeny-tiny little key icon in the system tray that says the user should consider changing their password. Its so small and unobtrusive we missed it the first several times we tested. (The last 5 days!) A user could login, walk away to get coffee & come back and miss the notification bubble and completely be unaware of the system tray icon.

Here's an example screenshot:




Have we misconfiguration something? Is this a known issue/bug or undocumented 'feature'?
Is there a fix for that or will we have to impoy a vbscript to workaround this?
Many thanks for your expertise.



Answer:
Not a bug, that's built-in. Vista and 7 changed the notification for the
password change to be less... well.. annoying. Folks can still click on
the symbol in the tray to change their password. And they will be forced
to change it once it's expired.



Source : SevenForum & Microsoft Forum.

Comments

Post a Comment

Popular posts from this blog

Integration with vCloud Director failing after NSXT upgrade to 4.1.2.0 certificate expired

  Issue Clarification: after upgrade from 3.1.3 to 4.1.2.0 observed certificate to be expired related to various internal services.   Issue Verification: after Upgrade from 3.1.3 to 4.1.2.0 observed certificate to be expired related to various internal services.   Root Cause Identification: >>we confirmed the issue to be related to the below KB NSX alarms indicating certificates have expired or are expiring (94898)   Root Cause Justification:   There are two main factors that can contribute to this behaviour: NSX Managers have many certificates for internal services. In version NSX 3.2.1, Cluster Boot Manager (CBM) service certificates were incorrectly given a validity period of 825 days instead of 100 years. This was corrected to 100 years in NSX 3.2.3. However any environment originally installed on NSX 3.2.1 will have the internal CBM Corfu certs expire after 825 regardless of upgrade to the fixed version or not. On NSX-T 3.2.x interna...
Post a Comment
Read more

Calculate how much data can be transferred in 24 hours based on link speed in data center

  In case you are planning for migration via DIA or IPVPN link and as example you have 200Mb stable speed so you could calculate using the below formula. (( 200Mb /8)x60x60x24) /1024/1024 = 2TB /per day In case you have different speed you could replace the 200Mb by any rate to calculate as example below. (( 5 00Mb /8)x60x60x24) /1024/1024 =  5.15TB  /per day So approximate each 100Mb would allow around 1TB per day.
Post a Comment
Read more

Device expanded/shrank messages are reported in the VMkernel log for VMFS-5

    Symptoms A VMFS-5 datastore is no longer visible in vSphere 5 datastores view. A VMFS-5 datastore is no longer mounted in the vSphere 5 datastores view. In the  /var/log/vmkernel.log  file, you see an entry similar to: .. cpu1:44722)WARNING: LVM: 2884: [naa.6006048c7bc7febbf4db26ae0c3263cb:1] Device shrank (actual size 18424453 blocks, stored size 18424507 blocks) A VMFS-5 datastore is mounted in the vSphere 5 datastores view, but in the  /var/log/vmkernel.log  file you see an entry similar to: .. cpu0:44828)LVM: 2891: [naa.6006048c7bc7febbf4db26ae0c3263cb:1] Device expanded (actual size 18424506 blocks, stored size 18422953 blocks)   Purpose This article provides steps to correct the VMFS-5 partition table entry using  partedUtil . For more information see  Using the partedUtil command line utility on ESX and ESXi (1036609) .   Cause The device size discrepancy is caused by an incorrect ending sector for the VMFS-5 partition on the ...
Post a Comment
Read more