|
it
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
Password Policyvalue set to 0 (never expire) on the maximum password age. Please no comments :-) Now in the interest of security I am trying to implement a password policy and want to change this setting to 90 days. From the end user perspective what happens when I make this change from 0 to 90 and apply it? Will the user be forced to change their password after the next successful login, OR will the typical "your password will expire in 2 weeks, do you want to change it now" be displayed giving the users some time before compliance is enforced? I want to make sure that I can fore warn my users before this change is made. Thank you! -KC They will be required to change their password when their password reaches
90 days. If everybody has not changed their password for the past 6 months, the next time they log in after you make the change they will need to change their password. If everyone changed their password 2 months ago, they will have a month before they have to change. hth DDS Show quoteHide quote "KC" <K*@discussions.microsoft.com> wrote in message news:FAB0FDD5-C30B-4263-8899-E5B122FC62D1@microsoft.com... > Lets say that currently my default domain policy password settings has a > value set to 0 (never expire) on the maximum password age. Please no > comments > :-) > > Now in the interest of security I am trying to implement a password policy > and want to change this setting to 90 days. > > From the end user perspective what happens when I make this change from 0 > to > 90 and apply it? > > Will the user be forced to change their password after the next successful > login, OR will the typical "your password will expire in 2 weeks, do you > want > to change it now" be displayed giving the users some time before > compliance > is enforced? > > I want to make sure that I can fore warn my users before this change is > made. > > Thank you! > -KC So lets assume that everone's password is at least over a year old.
If I understand correctly when I apply the 90 day setting to the policy, at the next successful login the user will be REQUIRED to change their password? If so then going forward when their password is 2 weeks from being 90 days old, they will receive notification that their password will expire in 2 weeks and start the countdown? Show quoteHide quote "Danny Sanders" wrote: > They will be required to change their password when their password reaches > 90 days. > > If everybody has not changed their password for the past 6 months, the next > time they log in after you make the change they will need to change their > password. If everyone changed their password 2 months ago, they will have a > month before they have to change. > > hth > DDS > "KC" <K*@discussions.microsoft.com> wrote in message > news:FAB0FDD5-C30B-4263-8899-E5B122FC62D1@microsoft.com... > > Lets say that currently my default domain policy password settings has a > > value set to 0 (never expire) on the maximum password age. Please no > > comments > > :-) > > > > Now in the interest of security I am trying to implement a password policy > > and want to change this setting to 90 days. > > > > From the end user perspective what happens when I make this change from 0 > > to > > 90 and apply it? > > > > Will the user be forced to change their password after the next successful > > login, OR will the typical "your password will expire in 2 weeks, do you > > want > > to change it now" be displayed giving the users some time before > > compliance > > is enforced? > > > > I want to make sure that I can fore warn my users before this change is > > made. > > > > Thank you! > > -KC > > > KC wrote:
> So lets assume that everone's password is at least over a year old. Yes, KC, you are correct. Enabling the 90-day policy on passwords that> If I understand correctly when I apply the 90 day setting to the policy, at > the next successful login the user will be REQUIRED to change their password? > > If so then going forward when their password is 2 weeks from being 90 days > old, they will receive notification that their password will expire in 2 > weeks and start the countdown? > are older than 90 days will take effect immediately. There is no grace period once you enable this.  
Thread options
Other interesting topics
Microsoft Software Shadow Copy Provider service info needed.
Confusing Kerberos Error Covers and labels Windows Server User Profile Deletion Security Configuration Wizard - Cannot apply Security Policy Error Backup restore question AD Sites & Services - NTDS Settings issue HELP REAL BAD WITH SSL CERTICIATE Quick question about missed SNMP traps How to turn off DNS service? |
|||||||||||||||||||||||
