Did Specops Expire My Password?
*This article is for 7.14 and higher*
Often questions arise regarding Specops and password expiration. Below are the steps that can be followed to verify if Specops caused a password to expire.
Checking the Periodic Scanning tab
This tab provides counts of users affected by Specops Password Policy, along with license information, password expiration, users whose passwords have been affected due to breached password protection:
From the 3 highlighted rows below, we can see that these accounts have passwords that the users will be required to change:
We can also take this a step further by first confirming which machine is the Periodic scanning domain controller which by default is the PDC by looking at the top of the Periodic scanning tab and seeing which DC is defined in Periodic scanning domain controller:
Then utilizing the logs in the event viewer under Applications and Services Logs, under the Specops filter:
The events in which they are located are the following:
| Event Source | Event ID | Description |
|---|---|---|
| Password Sentinel Service (Specops) | 1094 | [Breached Password Protection Complete] Expiring the password of 'user' |
| Password Sentinel Service (Specops) | 1094 | [BPPExpress] Expiring the password of 'user' |
| Password Sentinel Service (Specops) | 1089 | [PasswordExpiration] Expiring the password of user |
To see accounts that have already been flagged:
You Can refer to the events below:
| Event Source | Event ID | Description |
|---|---|---|
| Password Sentinel Service (Specops) | 1123 | [Breached Password Protection Complete] The password of 'User' is already expired |
| Password Sentinel Service (Specops) | 1123 | [Breached Password Protection Express] The password of 'User' is already expired |
| Password Sentinel Service (Specops) | 1084 | [Password Expiration] The password for User should be expired |