A colleague of mine has found that they can use the 'additional account
info' DLL in MMC 32-bit. You can launch mmc in 32-bit mode by using the
/32 switch: "mmc.exe /32"

 

Personally, I use LockoutStatus.exe (from MS available on their site).
It doesn't invoke AAM when UAC is on so you may have to do that manually
if you want to use it to interact with any DC logs, and I can't reset
passwords from it (in any OS on a 2003 AD domain). It continually chokes
on password complexity requirements.

 

Other than that, great to see how many last bad passwords, when they
were, and when the password was set along with how long they have until
it expires.

 

I believe that LockoutStatus uses the same DLL required for the
'additional account info' tab, also. Same set of tools: ALTools. 

 

From: Glen Johnson [mailto:[email protected]] 
Sent: Monday, March 01, 2010 11:01 AM
To: NT System Admin Issues
Subject: RE: Password Change History

 

I sure wish they would update that to work with 64bit and 2008 ADU&C.

Got used to it on 2003 and now I miss it.

 

From: David Mazzaccaro [mailto:[email protected]] 
Sent: Monday, March 01, 2010 10:50 AM
To: NT System Admin Issues
Subject: RE: Password Change History

 

You can add "additional account info" into Active Directory Users and
Computers:

 

http://www.petri.co.il/view_additional_user_information_in_aduc.htm

 

This will tell you when her password was last changed, and when it is
set to expire next.

 

 

________________________________

From: John Hornbuckle [mailto:[email protected]] 
Sent: Monday, March 01, 2010 10:09 AM
To: NT System Admin Issues
Subject: Password Change History

We have a group policy requiring setting a maximum password age of 90
days. I have a user who swears she's having to change hers more
frequently than that. I'm not really sure how to troubleshoot... Is
there some way I can confirm whether or not what she's saying is
accurate? It seems likely that it just FEELS like more frequently than
90 days to her, but you never know-weird things can happen sometimes.
And since we only implemented password expiration relatively recently,
it's possible that I did something wrong. Although I'd have expected to
hear from a lot more people than just one if that's the case.

 

 

 

John Hornbuckle

MIS Department

Taylor County School District

www.taylor.k12.fl.us

 

 
 
NOTICE: Florida has a broad public records law. Most written
communications to or from this entity are public records that will be
disclosed to the public and the media upon request. E-mail
communications may be subject to public disclosure.


.

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

Reply via email to