Rem: Prompting Password Changes


I want to use Windows Script Host (WSH) to create Windows NT 4.0 user accounts. I'd like to initially set the password to somepassword for new users, then have them change their password when they first log on. How can I programmatically select the User must change password at next logon check box so that NT tells users to change their password?

You can use the Microsoft Active Directory Service Interfaces (ADSI) WinNT provider to programmatically enable the User must change password at next logon option for SAM-based user accounts. As the code in Listing 2 shows, you must first obtain a reference to the appropriate User object, then you can set that object's PasswordExpired property to 1. Finally, you use the SetInfo method to write the change from the cache to the SAM. To use the code in Listing 2, you need to replace DomainName and UserName with the names of your domain and user, respectively.

You can find more information about the PasswordExpired property, including sample code, at For general information about ADSI, go to This site includes links to download ADSI 2.5 and the ADSI software development kit (SDK).

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.