Password policy

bill

Mar 30, 2004
Archived from groups: microsoft.public.win2000.active_directory

If our current password policy does not have a maximum password age, and some
users have a password of over 90 days, and we implement a password policy
that has a maximum password age of 90 days, do those users have 90 days to
change their passwords, or since their passwords are older than 90 days are
they considered expired as soon as the password policy is put into effect?

thank you,
 
Guest

The password policy begins from the time you create the policy.

If you want them to change their passwords, you can modify the individual
accounts (via MMC or script) to force a password change.

-ds


"Bill" <Bill@discussions.microsoft.com> wrote in message
news:FFCF3D40-0F40-4B12-A3D6-28CA20D1B342@microsoft.com...
> If our current password policy does not have a maximum password age, and some
> users have a password of over 90 days, and we implement a password policy
> that has a maximum password age of 90 days, do those users have 90 days to
> change their passwords, or since their passwords are older than 90 days are
> they considered expired as soon as the password policy is put into effect?
>
> thank you,
 

bill


Are you saying if I implement the policy today with a max password age of 90
days, and regardless of how old any of the users' passwords are, those
passwords will only expire in 90 days? I've done some testing in a child
domain, and the opposite seems to apply. I have the max age set to 4 days,
and all users whose passwords are more than 4 days old are being prompted to
change their password the first time they logged in after the policy was put
into place.

"Dave Shaw [MVP]" wrote:

> The password policy begins from the time you create the policy.
>
> If you want them to change their passwords, you can modify the individual
> accounts (via MMC or script) to force a password change.
>
> -ds
>
>
> "Bill" <Bill@discussions.microsoft.com> wrote in message
> news:FFCF3D40-0F40-4B12-A3D6-28CA20D1B342@microsoft.com...
> > If our current password policy does not have a maximum password age, and some
> > users have a password of over 90 days, and we implement a password policy
> > that has a maximum password age of 90 days, do those users have 90 days to
> > change their passwords, or since their passwords are older than 90 days are
> > they considered expired as soon as the password policy is put into effect?
> >
> > thank you,
>
>
>
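
Added example, not part of the original thread: a pre-rollout check that classifies exported accounts the way a new maximum password age would treat them. It assumes expiry is evaluated as `pwdLastSet` plus `maxPwdAge` at logon, which matches the child-domain test reported in the last post; the account names, timestamps and evaluation time are constructed.

```python
from datetime import datetime, timedelta, timezone

FILETIME_EPOCH = datetime(1601, 1, 1, tzinfo=timezone.utc)
DONT_EXPIRE_PASSWORD = 0x10000  # userAccountControl flag

def filetime_to_dt(ft):
    """FILETIME (100 ns ticks since 1601-01-01 UTC) -> datetime."""
    return FILETIME_EPOCH + timedelta(microseconds=ft // 10)

def dt_to_filetime(dt):
    return int((dt - FILETIME_EPOCH).total_seconds()) * 10_000_000

def max_age_from_attr(max_pwd_age):
    """maxPwdAge is a negative tick count; 0 or INT64_MIN means no expiry."""
    if max_pwd_age in (0, -2**63):
        return None
    return timedelta(microseconds=abs(max_pwd_age) // 10)

def classify(accounts, max_pwd_age, now):
    """Return {name: status} for (name, pwdLastSet, userAccountControl) rows."""
    max_age = max_age_from_attr(max_pwd_age)
    result = {}
    for name, pwd_last_set, uac in accounts:
        if max_age is None or uac & DONT_EXPIRE_PASSWORD:
            result[name] = "never expires"
        elif pwd_last_set == 0:  # 0 = "user must change password at next logon"
            result[name] = "must change at next logon"
        else:
            expires = filetime_to_dt(pwd_last_set) + max_age
            if expires <= now:
                result[name] = "expired now"
            else:
                result[name] = f"expires in {(expires - now).days} days"
    return result

# Constructed sample data (not from the thread).
NOW = datetime(2004, 3, 30, tzinfo=timezone.utc)
def days_ago(n):
    return dt_to_filetime(NOW - timedelta(days=n))
SAMPLE = [
    ("alice", days_ago(200), 0x200),
    ("bob", days_ago(10), 0x200),
    ("svc_backup", days_ago(400), 0x200 | DONT_EXPIRE_PASSWORD),
    ("carol", 0, 0x200),
]
NINETY_DAYS = -90 * 86400 * 10_000_000  # as stored in maxPwdAge

if __name__ == "__main__":
    for name, status in classify(SAMPLE, NINETY_DAYS, NOW).items():
        print(f"{name:12} {status}")
```

Running this against a real export before enabling the policy shows how many users would be prompted on their first logon, so the change can be staged or announced.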