Accounts that never expire (Windows)

Module: Account Integrity

Supported Platforms: Windows 2000, Windows 2003, Windows 2008

This check reports domain accounts that never expire. You can use the name list to exclude accounts that are not excluded by the Users to check option. Because local accounts do not expire, this check does not provide any information unless it is run on a domain controller.

The following table lists the error message for the check.

Table: Error message for Accounts that never expire

Message String ID and Category

Platform and Message Numeric ID

Message Title and Description

Additional Information


Category: Policy Compliance

  • Windows 2000 (105912)

  • Windows 2003 (205912)

  • Windows 2008 (248912)

Title: Account never expires

Description:The account never expires. Such accounts are more difficult to administer and can be used by former employees for malicious attacks. Set accounts to expire after an appropriate time period has elapsed.

Severity: yellow-1

Correctable: false

Snapshot Updatable: false

Template Updatable: false

Information Field Format: [Full/display name: %s]