Resolution
How do I configure Directory and Resource Administrator to automatically check the 'User must change password at next logon' flag when a user account is created?
fact
Directory and Resource Administrator 6.x
fact
Directory and Resource Administrator 7.x
fix
When creating or cloning a user account, an Assistant Admin is able to check or uncheck the User must change password at next logon flag if the Assistant Admin has been delegated the necessary powers. In order to enforce best practices or company policies to always check the User must change password at next logon flag when a user account is either created or cloned, a pre-task trigger can be configured to automatically check this flag regardless of whether an Assistant Admin checks the flag or not.
A sample script called CheckUMCPFlag.vbs is available from the DRA Knowledge Depot. The script can be found under the Triggers and Policy Script section and requires a UserID and password to download the script. The script must be implemented as a pre-task trigger associated with both the UserCopy and UserCreate operations. Once the trigger is configured in Directory and Resource Administrator, the flag User must change password at next logon will always be checked when any Assistant Admin creates or clones a user account in the domain using Directory and Resource Administrator.