With Active Directory user objects comes the burden with password management. With many business critical applications dependent on user objects, the ability to get a maintenance window to change a password can be a hard battle for an Active Directory administrator or application owner. When that user object is used by many applications, the burden is magnified to near impossibility because of the downtime required. These “service account” passwords become institutional knowledge and reused over time on systems that the password was not originally intended. What Innova Solutions architects discover time-and-time again at our clients are those application-based user objects set with their password to never expire. The previously mentioned simple password never expires report will bring these user objects to the surface if they exist in your organization.