At my job we get scanned frequently for vulnerabilities, and it is considered a vulnerability to have an account with a password that never expires. We have service accounts that we rely on being automated and we can't get ourselves into the business of changing service password on a reg basis; so what I have here is a way to trick the domain into believing an accounts password has not expired (we dubbed it tickling around here). Basically how it works is an Active Directory domain has a prope