KB ID 0001272 Dtd 12/01/17
I was setting up a Cisco ASA this week and needed to enable the ability for users to reset their domain passwords when they are about to expire. To actually test that, I needed a test user that had their password either about to expire, or actually expired. As I dint want to wait 42 days, or setup a password policy just for one user, I needed to find a ‘quick and dirty’ fix for one user.
You need to open Active Directory Users and Computers, and you need to have ‘Advanced options’ enabled. Locate your user and open their properties > Attribute Editor > Attributes > pwdLastSet.
If you want to set it to expired, then set its value to Zero.
It should change to <never>, which is not strictly true, it actually changes to 12:00AM January 1st 1601.
Note: If you set its value to -1 and apply the change it resets the attribute to the current day and time (you may need to close and reopen the property dialog to see the change).
Related Articles, References, Credits, or External Links