We are a Windows Server 2008 domain and have a password policy set at domain level which was working fine until we upgraded the clients to Windows 7. Now it no longer prompts the users to change their passwords before expiry - it simply expires, then tells them they need to change the password before they are able to login.
Our password policy is set as follows:
Min Length: 6 characters
Password Complexity is on
Maximum Age: 120 days
Minimum Age: 2 days
Password History: 2
Interactive Logon:Prompt User to Change Password Before Expiration: 14 days
When our clients were running Windows XP they were regularly prompted to change their passwords from 14 days before expiry & they could choose to ignore this prompt or set a new password at that point. It would appear that the password policy itself is working as paswords are expiring, it's just the prompt which isn't working for users who logon to a Windows 7 machine. I need this to work as our staff and students connect to our site from home & if their password expires without them realising, they will not be able to login remotely.
Does anyone have any ideas?