We have created a new FGPP for a set of AD accounts which will never get locked out. and we have also created a GPO to make sure those accounts will never be able to login to any machines interactively or via remote desktop.
When we tried to pull out the badpwdcount of these accounts we could see that the NO is keep on increasing and we want to reset the badpwdcount value to 0 once we fix the issue. Since the login is not allowed, it is not getting reset automatically.
Is there any way we can manually reset badpwdcout value of an AD object.