Remove password never expires setting

Posted on Wednesday 8 February 2012 by

The final look at the password never expires setting is to see how we can remove it

$ou = "OU=England,DC=Manticore,DC=org"            
            
"`nMicrosoft"            
$name = "UserA"            
Get-ADUser -Identity $name |            
Set-ADUser -PasswordNeverExpires:$false            
            
            
"`nAD provider"            
$name = "UserB"            
$dn = "cn=$name,$ou"            
$flag = (Get-ItemProperty -Path AD:\$dn  -Name useraccountcontrol).useraccountcontrol -bxor 65536            
Set-ItemProperty -Path AD:\$dn  -Name useraccountcontrol -Value "$flag" -Confirm:$false            
            
"`nQuest"            
$name = "UserC"            
Get-QADUser -Identity $name |            
Set-QADUser -PasswordNeverExpires:$false            
            
"`nScript"            
$name = "UserD"            
$dn = "cn=$name,$ou"            
$user = [adsi]"LDAP://$dn"            
            
$flag = $user.userAccountControl.value -bxor 65536            
$user.userAccountControl = $flag            
            
$user.SetInfo()

As for setting it the cmdlets have a parameter that we set to $false and we use –bxor on the userAccountControl attribute to set the bit to off.

$user.userAccountControl.value -bxor 65536

This entry was posted in Uncategorized. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Cancel

Connecting to %s