This would be easier: http://blogs.brnets.com/michael/archive/2005/09/13/1474.aspx ________________________________ From: Robert Lawson [mailto:rlawson@xxxxxxxx] Sent: Tuesday, September 13, 2005 12:34 PM To: [ExchangeList] Subject: RE: [exchangelist] password expiration notices Mike, Our max days is also 90. I run a dsquery script on Monday to see whose accounts are going to expire in the next 7 days (actually they are 83 days old). We email users from this list AND call them. From the calls we've found that many users don't log off, thus don't get the notification. So we've starting re-education to get users to log off nightly and restart weekly. The list has started to shrink over the weeks. The query: dsquery user "OU=start OU,DC=yoursite,DC=ext" -stalepwd 83 -limit 0 | dsget user -samid -email -empid -display -title -dept -tel -office -disabled -canchpwd -pwdneverexpires -acctexpires -mustchpwd This query includes accounts where "Password never expires" = true, which really need to be excluded. I redirect query output to text file, import into Excel, sort by pwneverexpires, and make the list. Thanks, Robert Robert Lawson Senior Database Administrator/email administrator Soka University of America 1 University Drive Aliso Viejo, CA. 92656 main: 949.480.4000 fax: 949.480.4001 direct: 949.480.4224 rlawson@xxxxxxxx ________________________________ From: A. Michael Salim [mailto:msalim@xxxxxxxxxxxx] Sent: Wed 9/7/2005 2:38 PM To: [ExchangeList] Subject: [exchangelist] password expiration notices http://www.MSExchange.org/ Hi, On Exchange 2003 / Windows 2003, on one server the password policy is set for 90 days (Domain Controller Security Settings / Account Policies / Password Policy / Maximum Password Age). Is there a way to make the system send out advance password expiration notices so the users have some warning? Currently the system is not sending any warnings that the password is about to expire, so users show up in the morning unable to log in and get pretty annoyed because they can't even log in to change the password on their own at that point (the only access they have to the Exchange server for changing passwords is via OWA because this Exchange server is not on a local LAN but across the Internet). Best regards Mike Salim ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this MSEXchange.org Discussion List as: rlawson@xxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=exchangelist Report abuse to listadmin@xxxxxxxxxxxxxx