I've used this in that situation. You can change it from the three days on there to whatever you like and since it uses subtree search, you can use either a specific OU or the entire domain directory if you want. It is per domain.
The script will email a notification with a link to the web page vs. doing a popup (so email is important right?) You would also have to turn off the notification in the domain to prevent the confusion. I use this script for users in a different forest than the one their workstation is in. http://www.houseofqueues.com/CodeSamples/PassCheck.txt -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: Tuesday, March 22, 2005 9:30 AM To: [email protected] Subject: [ActiveDir] Password Expiration Prompt In our environment we use a product called Passport to synchronize password changes across multiple accounts. Our users are aware of this product and the procedures required for making a password change, however, the Default Domain GPO specifies that the user will be notified to change their password 5 days before expiration. When a user logs in and sees this message they become confused and frustrated because they think this change will apply to all accounts and passwords, which it does not. Is there a script or setting I can change that will notify the user it is time for a password change and take them directly to the Passport website to change their password? Thanks, Chris List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
