Reputation: 151
Force the password expiration date for a LOCAL user account
I want to force the specific expiration date of a password NOT an account for a LOCAL user NOT an AD user using powershell.
I know you can do this with an AD user, by using ADSI/LDAP and setting the pwdLastSet attribute to 0.
Can a similar thing be done for local accounts, if so, using what command/syntax. I have looked all over google, and played with net user commands, and I have managed to make the local user account expire, however, I dont want the account to expire, I want the password to expire.
Upvotes: 1
Views: 9426
Answers (2)
Reputation: 341
In case you want to force password expiration, just so that you force the user to change the password on the next logon, you can also do it with the net command using:
net user $username /logonpasswordchg:yes
Upvotes: 1
Reputation: 200313
The simplest way to set an account expiration date is to use the net command:
& net user $username /expires:"$($date.ToString('MM\/dd\/yyyy'))"
AFAIK password expiration of local users can't be set to a specific date or for individual accounts. The expiration is controlled by the Maximum Password Age (local) security policy. You can set the maximum age from the commandline like this:
& net accounts /maxpwage:$numdays
but the policy affects all local accounts, and just defines a maximum age, not a specific expiration date.
Upvotes: 2
Related Questions
- How to get no of day remaining for password to expire with powershell script
- Create user with "password never expires" in PowerShell
- Powershell password expiration date filtering
- Get Password expiry date for one single user in AD
- Set PasswordNeverExpires flag for Local User Group through Powershell
- Active Directory password expiration in powershell
- Need powershell cmd to export Local user password expiry date
- Powershell: Password Must Change Next Logon when Password Expires in 1 day
- account expiration/password expiration in active directory
- Days until password expires