I have scripted LclUsrCP.bat to force a local user to change their password at next logon.

The syntax for using LclUsrCP.bat is:

call LclUsrCP user YorN

Where:

<b>user</b> is the local user account, like Jerry.

<b>YorN</b> is a <a href="/article/jsifaq/jsi-tip-5535-how-can-i-cause-a-called-batch-file-to-return-a-call-directed-environment-variable-.aspx">call directed environment variable</a> that will contain a:
     <b>Y</b> if the account was set successfully
     <b>N</b> if setting the account was unsuccessful
LclUsrCP.bat contains:
@echo off
if \{%2\}==\{\} @echo Syntax LclUsrCP user YorN&goto :EOF
setlocal
set user=%1
set user=%user:"=%
if exist "%TEMP%\LclUsrCP.vbs" goto doit
@echo Dim oArgs>"%TEMP%\LclUsrCP.vbs"
@echo Set WshShell = WScript.CreateObject("WScript.Shell")>>"%TEMP%\LclUsrCP.vbs"
@echo Set oArgs = WScript.Arguments>>"%TEMP%\LclUsrCP.vbs"
@echo strUserName = oArgs(0)>>"%TEMP%\LclUsrCP.vbs"
@echo Set objNetwork = CreateObject("Wscript.Network")>>"%TEMP%\LclUsrCP.vbs"
@echo strComputer = objNetwork.ComputerName>>"%TEMP%\LclUsrCP.vbs"
@echo Set objUser = GetObject("WinNT://" ^& strComputer ^& "/" ^& strUserName)>>"%TEMP%\LclUsrCP.vbs"
@echo objUser.Put "PasswordExpired", ^1>>"%TEMP%\LclUsrCP.vbs"
@echo objUser.SetInfo>>"%TEMP%\LclUsrCP.vbs"
:doit
set log="%TEMP%\LclUsrCP_%RANDOM%.TMP"
set OK=Y
cscript //nologo "%TEMP%\LclUsrCP.vbs" %user%>%log% 2>&1
for /f "Tokens=*" %%u in ('type %log%') do (
 set OK=N
)
del /q %log%
endlocal&set %2=%OK%