Reset Password Expiration

Resetting the password expiration in Active Directory can come in handy when a user’s password has expired and they have not had the chance to change it yet (perhaps due to network restrictions).
Rather than resetting the user’s password, the Help Desk team can reset the password expiration time. This way nobody on the team knows a temporary password, so security is not compromised.
Obviously, changing the password is itself a security issue, so this should not be used just because you’re too bored to change your own account’s password. 🙂
Note that what you are actually resetting is not the password expiration value but the date the password was last set.

There are three ways of doing this: via Active Directory Users and Computers, via ADSI Edit and via PowerShell.

Active Directory Users and Computers (ADSI is very similar once you open the Object’s properties)

  1. Open Active Directory Users and Computers
  2. Click on View and select Advanced Features
  3. Now open the object for which you want to reset the password expiration and go to the Attribute Editor tab.
  4. Click once on the Attribute column; this will sort it by name.
  5. Scroll down to pwdLastSet.
  6. Click Edit, delete the current entry, type 0 (zero) and click Ok.
  7. Click Ok to save the changes.
  8. Open the object again, repeat the steps above to reach the pwdLastSet attribute and, this time, assign -1, then click Ok and Ok again to save the changes. This resets the password last set date to “now”.

PowerShell

This one’s my favourite because it’s quick and easy. Run PowerShell from a machine where the Active Directory PowerShell module is installed (a domain controller will do). Make sure you have admin rights on the target user (or make sure you run PowerShell as an administrator).
Finally, run the following commands (they’re all commented to make the steps easier to follow).

# Replace my.user with the target user account.
$username = "my.user"
# Get the user object together with its current pwdLastSet value.
$user = Get-ADUser $username -Properties pwdLastSet
# Display the current password last set date (converted to a human-readable date):
[datetime]::FromFileTime($user.pwdLastSet)
# Change the user's pwdLastSet attribute to 0
$user.pwdLastSet = 0
# Apply the change to the object
Set-ADUser -Instance $user
# Change the user's pwdLastSet attribute to -1
$user.pwdLastSet = -1
# Apply the change to the object
Set-ADUser -Instance $user
# Read the value from AD again
$user = Get-ADUser $username -Properties pwdLastSet
# Current password last set date; it should now show today (converted to a human-readable date):
[datetime]::FromFileTime($user.pwdLastSet)
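
An added example, not part of the original post: because the steps above rewrite pwdLastSet without changing the password, the attribute no longer tells you how old the password really is. The function below compares the replication metadata timestamps of pwdLastSet and unicodePwd to list accounts where that has happened; the function name, the Account column, the tolerance value, the DC01 server name and the sample rows are assumptions made for illustration.

```powershell
# Added example. Rows mimic the AttributeName and LastOriginatingChangeTime
# properties returned by Get-ADReplicationAttributeMetadata; "Account" is a
# column added here so several users can be checked in one pass.
function Find-PwdLastSetReset {
    param(
        [Parameter(Mandatory, ValueFromPipeline)] [psobject] $Metadata,
        # Assumption: a real password change stamps both attributes within
        # a few seconds of each other.
        [int] $ToleranceSeconds = 5
    )
    begin { $rows = @() }
    process { $rows += $Metadata }
    end {
        foreach ($group in ($rows | Group-Object -Property Account)) {
            $lastSet = $group.Group | Where-Object AttributeName -eq 'pwdLastSet'
            $secret  = $group.Group | Where-Object AttributeName -eq 'unicodePwd'
            if (-not $lastSet -or -not $secret) { continue }
            $gap = $lastSet.LastOriginatingChangeTime - $secret.LastOriginatingChangeTime
            if ($gap.TotalSeconds -gt $ToleranceSeconds) {
                [pscustomobject]@{
                    Account           = $group.Name
                    PasswordChanged   = $secret.LastOriginatingChangeTime
                    PwdLastSetWritten = $lastSet.LastOriginatingChangeTime
                    UntrackedDays     = [math]::Round($gap.TotalDays, 1)
                }
            }
        }
    }
}

# Constructed sample rows (not real data): my.user had pwdLastSet rewritten
# months after the password change; other.user changed the password normally.
$sample = @(
    [pscustomobject]@{ Account = 'my.user'; AttributeName = 'unicodePwd'; LastOriginatingChangeTime = [datetime]'2024-01-10T09:00:00' }
    [pscustomobject]@{ Account = 'my.user'; AttributeName = 'pwdLastSet'; LastOriginatingChangeTime = [datetime]'2024-04-15T14:30:00' }
    [pscustomobject]@{ Account = 'other.user'; AttributeName = 'unicodePwd'; LastOriginatingChangeTime = [datetime]'2024-03-01T08:00:00' }
    [pscustomobject]@{ Account = 'other.user'; AttributeName = 'pwdLastSet'; LastOriginatingChangeTime = [datetime]'2024-03-01T08:00:00' }
)
$sample | Find-PwdLastSetReset

# Live input (DC01 is a placeholder domain controller name):
# Get-ADReplicationAttributeMetadata -Object (Get-ADUser my.user) -Server DC01 `
#     -Properties pwdLastSet, unicodePwd |
#     Select-Object @{ n = 'Account'; e = { 'my.user' } }, AttributeName, LastOriginatingChangeTime |
#     Find-PwdLastSetReset
```

A flagged account whose pwdLastSet is currently 0 simply has "User must change password at next logon" set; any other flagged account has a password older than its pwdLastSet date suggests.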

 

IT Droplets