none
Net User : Add local admin and set password to never expire

    Question

  • I have currently disabled and re-named the Windows 8.1 built in administrator and guest accounts. I would now like to create a local user via command line and set the account password to never expire but there doesn't seem to be a switch for that option.

    I am using

    • /PASSWORDCHG:NO to prevent the password from being changed
    • /AVTIVE:YES

    Any assistance would be greatly appreciated :)


    DHeinz

    Tuesday, March 01, 2016 2:56 PM

Answers

All replies

  • Hi.

    You might try this:

    WMIC USERACCOUNT WHERE "Name='username" SET PasswordExpires=FALSE


    Please click on Propose As Answer or to mark this post as and helpful for other people. This posting is provided AS-IS with no warranties, and confers no rights.

    Tuesday, March 01, 2016 3:03 PM
  • Hi DHeinz,

     

    Based on your description, we may try this by an elevated command window:

     

    “net accounts /MaxPWAge:unlimited

    net user %username%/expires:never”

     

    Or

     

    “wmic useraccount WHERE "Name='%username%'"setPasswordExpires=false”

     

     

    In addition, you could also refer to this case:

    https://social.technet.microsoft.com/Forums/windows/en-US/f040ff7e-6b96-4b22-9e87-bb1ede35c79e/windows-8-password-expiration?forum=w8itprogeneral

     

     

    Best Regards,

    Tao


    Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact tnmff@microsoft.com.

    Wednesday, March 02, 2016 11:48 AM
    Moderator
  • None of these examples work. If someone finds this I hope this works for you:

    net user ACCOUNTNAME PASSWORD /add /active:yes
    wmic useraccount WHERE Name='ACCOUNTNAME' set PasswordExpires=false
    wmic useraccount WHERE Name='ACCOUNTNAME' set PasswordChangeable=false

    This will create the local account ACCOUNTNAME, mark it active, password never expires, and no one can change it.

    This is a great step to add during your SCCM OSD or MDT OSD to ensure you have a local guest account in case a remote user's device falls off the domain and you'd like to remote in and rejoin rather than having them mail the device back.

    Thursday, May 17, 2018 8:24 PM