Preventing a User's Password from Expiring

Updated: February 28, 2009

Applies To: Windows Server 2008 R2

This topic explains how to use the Active Directory module for Windows PowerShell to prevent a user’s password from expiring.

The following example demonstrates how to prevent the password to expire for the user SaraDavis:

Set-ADAccountControl -Identity SaraDavis -PasswordNeverExpires $true

You can use the following parameters when you set many of the common values that are associated with user account control in Active Directory Domain Services (AD DS):

  • -AllowReversiblePasswordEncryption

  • -TrustedForDelegation

  • -PasswordNeverExpires

  • -AccountNotDelegated

  • -DoesNotRequirePreAuth

  • -TrustedToAuthForDelegation

  • -UseDESKeyOnly

  • -PasswordNotRequired

  • -CannotChangePassword

  • -Enabled

  • -HomedirRequired

  • -MNSLogonAccount

For a full explanation of the parameters that you can pass to Set-ADAccountControl, at the Active Directory module command prompt, type Get-Help Set-ADAccountControl –detailed, and then press ENTER.

Community Additions