With no password expire notification at logon in Windows 7, how are you configuring password expire notification?

password windows-7

Solution 1:

This sounds like one of those situations where you make a perfectly sensible configuration choice (disable balloon notifications to improve the user experience). Then something comes up that conflicts with that decision. At that point, you can fudge a compromise (and typically end up with a big mess, or something absurdly complicated in relation to the actual size of the problem). Alternatively, back out your change. In most cases I reckon it's best to take the learning experience, and back out of the earlier decision.

tl;dr Re-enable balloon notifications.

Solution 2:

This is an old post, but I finally updated the script to detect and not respond to non-expiring passwords.

'==========================================
' Check for password expiring notification
'==========================================
' First, get the domain policy.
'==========================================
Dim oDomain
Dim oUser
Dim maxPwdAge
Dim numDays
Dim warningDays

warningDays = 6

Set LoginInfo = CreateObject("ADSystemInfo")  
Set objUser = GetObject("LDAP://" & LoginInfo.UserName & "")  
strDomainDN = UCase(LoginInfo.DomainDNSName) 
strUserDN = LoginInfo.UserName

'========================================
' Check if password is non-expiring.
'========================================
Const ADS_UF_DONT_EXPIRE_PASSWD = &h10000
intUserAccountControl = objUser.Get("userAccountControl")
If intUserAccountControl And ADS_UF_DONT_EXPIRE_PASSWD Then
    'WScript.Echo "The password does not expire."
Else

    Set oDomain = GetObject("LDAP://" & strDomainDN)
    Set maxPwdAge = oDomain.Get("maxPwdAge")

    '========================================
    ' Calculate the number of days that are
    ' held in this value.
    '========================================
    numDays = CCur((maxPwdAge.HighPart * 2 ^ 32) + _
                    maxPwdAge.LowPart) / CCur(-864000000000)
    'WScript.Echo "Maximum Password Age: " & numDays

    '========================================
    ' Determine the last time that the user
    ' changed his or her password.
    '========================================
    Set oUser = GetObject("LDAP://" & strUserDN)

    '========================================
    ' Add the number of days to the last time
    ' the password was set.
    '========================================
    whenPasswordExpires = DateAdd("d", numDays, oUser.PasswordLastChanged)
    fromDate = Date
    daysLeft = DateDiff("d",fromDate,whenPasswordExpires)

    'WScript.Echo "Password Last Changed: " & oUser.PasswordLastChanged

    if (daysLeft < warningDays) and (daysLeft > -1) then
        Msgbox "Password Expires in " & daysLeft & " day(s)" & " at " & whenPasswordExpires & chr(13) & chr(13) & "Once logged in, press CTRL-ALT-DEL and" & chr(13) & "select the 'Change a password' option", 0, "PASSWORD EXPIRATION WARNING!"
    End if

End if

'========================================
' Clean up.
'========================================
Set oUser = Nothing
Set maxPwdAge = Nothing
Set oDomain = Nothing

This was the original answer & script

A VBS script that goes in to your GPO that displays a popup window telling the user their password expires in # days and that the user MUST click OK to dismiss.

It goes in the GPO - User Config - Policies - Admin Templates - System - Logon - Run these programs at user logon. You will also need to add the folder location to IE Trusted Sites to avoid having a popup asking if it should run the script.

PwExpChk.vbs

'========================================
' First, get the domain policy.
'========================================
Dim oDomain
Dim oUser
Dim maxPwdAge
Dim numDays
Dim warningDays

warningDays = 6

Set LoginInfo = CreateObject("ADSystemInfo")  
Set objUser = GetObject("LDAP://" & LoginInfo.UserName & "")  
strDomainDN = UCase(LoginInfo.DomainDNSName) 
strUserDN = LoginInfo.UserName


Set oDomain = GetObject("LDAP://" & strDomainDN)
Set maxPwdAge = oDomain.Get("maxPwdAge")

'========================================
' Calculate the number of days that are
' held in this value.
'========================================
numDays = CCur((maxPwdAge.HighPart * 2 ^ 32) + _
                maxPwdAge.LowPart) / CCur(-864000000000)
'WScript.Echo "Maximum Password Age: " & numDays

'========================================
' Determine the last time that the user
' changed his or her password.
'========================================
Set oUser = GetObject("LDAP://" & strUserDN)

'========================================
' Add the number of days to the last time
' the password was set.
'========================================
whenPasswordExpires = DateAdd("d", numDays, oUser.PasswordLastChanged)
fromDate = Date
daysLeft = DateDiff("d",fromDate,whenPasswordExpires)

'WScript.Echo "Password Last Changed: " & oUser.PasswordLastChanged

if (daysLeft < warningDays) and (daysLeft > -1) then
    Msgbox "Password Expires in " & daysLeft & " day(s)" & " at " & whenPasswordExpires & chr(13) & chr(13) & "Once logged in, press CTRL-ALT-DEL and" & chr(13) & "select the 'Change a password' option", 0, "PASSWORD EXPIRATION WARNING!"
End if

'========================================
' Clean up.
'========================================
Set oUser = Nothing
Set maxPwdAge = Nothing
Set oDomain = Nothing

Related

Why ethernet cables must be ended with specific arrangement
What is the most used server distro?
File replication on linux?
Find Installation Date of Windows Updates
hosting IP change, how much downtime to expect?
Router IP (Best Practice)
Staging environment, how to deal with domain name?
How can I get just the site name from the "AppCmd.exe list site" command?
19" Rackmountable fast storage arrays
Configure Apache to use external proxy for internet connection
Getting correct SERVER_PORT to php-fpm through nginx and varnish
Configure Dovecot to only let localhost connect via imap