I don't think that NT3.51 and below has this but I no longer have a machine handy to check.
V0.3 Executable and source (20k). Fixes "lockduration forever" bug
and makes parameters case insensitive (the documentation implied they
are, but they actually weren't).
Download AccountPolicy V0.2 Executable and source (29k)
Allows setting of NT's User Account Policy of the local machine from the command line. It is almost functionally equivalent to the "Policy->Account" Menu in the User Manager tool, but is operated from the command line. It can set maximum and minimum password age, minimum password length, password history size, number of login attempts and time between them allowed before lockout, and the length that accounts are locked out.
It can be used by domain logon scripts, at jobs, lockdown scripts and the like.
It has been released under the GNU Public License (GPL).
usage: AccountPolicy [-h] [-l] [PwMaxAge n] [PwMinAge n] [PwMinLen n] [PwHistory n] [LockAfter n] [LockWindow n] [LockDuration n]
-h Show help and usage info. -l Show license and warranty.
PwMaxAge Maximum allowable password age before forced change. PwMinAge Minimum password age allowed before change permitted. PwMinLen Minimum allowable password length (characters) PwHistory Number of unique passwords remembered. LockAfter Number of failed login attempts allowed before locking account. LockWindow Period until failed login count reset. LockDuration Duration of account lockout.Each parameter is specified in units appropriate for the parameter being set. You can force the use of diffent units, however this will generate a warning and may prevent the policy from being changed.
Available units are ([S]econds [M]inutes [H]ours [D]ays and [W]eeks) and are appended to the number.
Minimum age and Maximum Age are normally specified in days. Lock Window and Lock Duration are normally specfied in minutes.
Since someone else may find it useful too, and I know of no other program with equivalent functionality, I'm turning it loose.
The command-line parsing is not as good as it could be.
Not exactly a bug, but you can specify inappropriate units (such as a maximum password age of 5 seconds) which, while not exactly invalid, are likely to be extremely irritating in practice. You will get a warning, but if you asked for it, you got it.
The option "User must log in to change password" that is present in User Administrator is not supported (It doesn't seem to be in the NetUser API's anywhere...)
Page last modified: $Date: 2015/12/01 02:44:46 $