Set-ADAccountControl PowerShell cmdlet allows you set User Account Control flags such as PasswordNotRequired, CannotChangePassword flags via command line:
To make sure a user is required to change the password before logon, execute below command:
- Set-ADAccountControl NickS -PasswordNotRequired $false
To make sure password never expires for a user account such as a service account, use below command:
- Set-ADAccountControl NickS -PasswordNeverExpires $true
To ensure user is not able to change his/her password, execute below command:
- Set-ADAccountControl 'CN=NickS, OU=CyberUser, DC=Test, DC=Local' -CannotChangePassword $true
About Nirmal Sharma
Nirmal is a MCSEx3, MCITP and was awarded Microsoft MVP award in Directory Services and Windows Networking. He is specialized in Directory Services, Failover cluster, Hyper-V, System Center, Windows Azure, and Exchange Servers and has been involved in Microsoft Technologies since 1994. In his spare time, he offers technical help by writing tips and articles on several web sites. Nirmal can be reached at nirmal_sharma@mvps.org.
