Removing Password Expiration from User Accounts

5/10/2007

By default, when you add user accounts to your image, the user is prompted to change the password 15 days before it will expire. In some types of deployments, it is not feasible or desirable for end-users to change passwords.

You can create a custom security template that turns off password expiration and add it to your image so that it runs during First Boot Agent.

Note

Weak passwords are a potential security vulnerability and can allow hackers access to your system. For more information, see Strong Passwords.

To remove password expiration from User Accounts

  1. Create a custom security template.

    For more information, see Creating a Custom Security Template Using the MMC Snap-in.

  2. In the MMC main window, under the new security template node, expand the Account Policies node.

  3. Expand the Password Policy node.

  4. In the right pane, right-click Maximum Password Age Policy.

  5. Select the Define this policy setting in the template checkbox.

  6. Set Password will not expire to 0 days.

  7. Click OK and save the template.

  8. Create a component for this security template and add it to your image, by following steps 2 through 7 in How to Create a Custom Security Template.

  1. Create a custom security template.

    For more information, see Creating a Custom Security Template Using the MMC Snap-in.

  2. In the MMC main window, under the new security template node, expand the Account Policies node.

  3. Expand the Password Policy node.

  4. In the right pane, right-click Maximum Password Age Policy.

  5. Select the Define this policy setting in the template checkbox.

  6. Set Password will not expire to 0 days.

  7. Click OK and save the template.

  8. Create a component for this security template and add it to your image, by following steps 2 through 7 in How to Create a Custom Security Template.

See Also

Tasks

Adding a User Account

Other Resources

Administrator and User Accounts
Security Templates