AD Attributes

Active Directory Attributes » Active Directory password attribute: ms-DS-User-Dont-Expire-Password

Active Directory password attribute: ms-DS-User-Dont-Expire-Password

This attribute indicates whether the password for a user account will expire or not.

CN ms-DS-User-Dont-Expire-Password
Ldap-Display-Name msDS-UserDontExpirePassword
Attribute-Id 1.2.840.113556.1.4.1855
System-Id-Guid 8788193a-2925-43d9-a221-bb7fff397675

For more details about this attribute, refer to this Microsoft document.

Expiring passwords, if left unchanged, will result in a lot of issues for end users. Specifically, remote users, who are not connected to the domain network when their password expires, will have no way of knowing when their passwords will expire. Hence, it is important to keep track of users’ password expiration status and help them change passwords before expiration.

ADSelfService Plus, an integrated Active Directory self-service password management and single sign-on solution, helps notify users about their password expiration well in advance and let them change their domain passwords securely through a web-based portal.

How ADSelfService Plus can solve password expiration-related issues

  1. Password expiration status reports: Easily identify users whose passwords will expire soon and users whose passwords have already expired with built-in reports.
  2. Timely alerts for password expiration: Automate password change reminders with alerts sent to users via email, SMS, or push notifications so they can change their passwords before they expire.
  3. Phased and imperative reminders: Configure multiple notifications to be sent at regular intervals so that reminders don't go unnoticed.
  4. Selective reminders: You can choose to whom to remind. For example, you can opt to set up reminders only for an OU full of remote users and leave out the rest.

Simplify password management with ADSelfService Plus.

Get Your Free Trial

Self-service password management and single sign-on solution

ManageEngine ADSelfService Plus is an integrated self-service password management and single sign-on solution for Active Directory and cloud apps. Ensure endpoint security with stringent authentication controls including biometrics and advanced password policy controls.