RE: password expiration notices

  • From: "Robert Lawson" <rlawson@xxxxxxxx>
  • To: "[ExchangeList]" <exchangelist@xxxxxxxxxxxxx>
  • Date: Tue, 13 Sep 2005 09:34:00 -0700

  Our max days is also 90.  I run a dsquery script on Monday to see whose 
accounts are going to expire in the next 7 days (actually they are 83 days 
old).  We email users from this list AND call them.  From the calls we've found 
that many users don't log off, thus don't get the notification.  So we've 
starting re-education to get users to log off nightly and restart weekly.  The 
list has started to shrink over the weeks.  The query:
dsquery user "OU=start OU,DC=yoursite,DC=ext" -stalepwd 83 -limit 0 | dsget 
user -samid -email -empid -display -title -dept -tel -office -disabled 
-canchpwd -pwdneverexpires -acctexpires -mustchpwd
  This query includes accounts where "Password never expires" = true, which 
really need to be excluded.  I redirect query output to text file, import into 
Excel, sort by pwneverexpires, and make the list.  
Thanks, Robert

Robert Lawson
Senior Database Administrator/email administrator
Soka University of America
1 University Drive
Aliso Viejo, CA. 92656
main: 949.480.4000 fax: 949.480.4001
direct: 949.480.4224 rlawson@xxxxxxxx 


From: A. Michael Salim [mailto:msalim@xxxxxxxxxxxx]
Sent: Wed 9/7/2005 2:38 PM
To: [ExchangeList]
Subject: [exchangelist] password expiration notices


On Exchange 2003 / Windows 2003, on one server the password policy is set
for 90 days (Domain Controller Security Settings / Account Policies /
Password Policy / Maximum Password Age).

Is there a way to make the system send out advance password expiration
notices so the users have some warning?  Currently the system is not
sending any warnings that the password is about to expire, so users show
up in the morning unable to log in and get pretty annoyed because they
can't even log in to change the password on their own at that point (the
only access they have to the Exchange server for changing passwords is via
OWA because this Exchange server is not on a local LAN but across the

Best regards
Mike Salim

List Archives:
Exchange Newsletters:
Visit for more information about our other sites:
You are currently subscribed to this Discussion List as: 
To unsubscribe visit
Report abuse to listadmin@xxxxxxxxxxxxxx

Other related posts: