Preventing a User's Password from Expiring

Applies To: Windows Server 2008 R2

This topic explains how to use the Active Directory module for Windows PowerShell to prevent a user’s password from expiring.


The following example demonstrates how to prevent the password to expire for the user SaraDavis:

Set-ADAccountControl -Identity SaraDavis -PasswordNeverExpires $true

Additional information

You can use the following parameters when you set many of the common values that are associated with user account control in Active Directory Domain Services (AD DS):

  • -AllowReversiblePasswordEncryption

  • -TrustedForDelegation

  • -PasswordNeverExpires

  • -AccountNotDelegated

  • -DoesNotRequirePreAuth

  • -TrustedToAuthForDelegation

  • -UseDESKeyOnly

  • -PasswordNotRequired

  • -CannotChangePassword

  • -Enabled

  • -HomedirRequired

  • -MNSLogonAccount

For a full explanation of the parameters that you can pass to Set-ADAccountControl, at the Active Directory module command prompt, type Get-Help Set-ADAccountControl –detailed, and then press ENTER.