Machine account password control

There was friend who recently had a number of "Network appliances" drop off from this network for the second time. These appliances are running Windows XP Embedded, that are joined to an AD domain, and are not normally accessed directly by users at any time. After checking the logs, it was shoing that the drop-off happens 1 months after the appliances were joined to the domain, then 30 hence after the machine were disjoined/rejoined to the domain. The question that I am having is, whats the normal status for the computer account password refreshing, that is, a user must login to a machine every 30 days or less in order for the machine password to be refreshed in the background? Thanks

Did you check the local security settings on the computers? This used to happen with me and I found out that the local security settings were set to less than that in the GPO's. Once I altered the local security settings to that of the GPO's where the password does not expire, then it solved the issue and the pc is no longer dropping off the domain.

In Active Directory–based domains, each computer has an account and password, just like every user. By default, the domain members automatically change their domain password every 30 days. Increasing this interval significantly, or setting it to 0 so that the computers no longer change their passwords, gives a malicious user more time to undertake a brute-force password-guessing attack against one of the computer accounts. For more information, go to this website - http://technet.microsoft.com/en-us/l...=ws.10%29.aspx