Domain password policy .vs. Active Directory user profile account "password never expires"
Posted on 2011-09-06
I have some concerns regarding modification to an existing GPO policy that retains the settings for passwords. I will be modifiing the policy to enforce stronger complexity requirements. this is only policy driving password restrictions as im sure there can only be one at the domain level.
My question is: "Password Never Expires" is checked off for every user account, will the GPO setting override Password Never Expires in the user account forcing the user to change thier password or even possibly locking out the accounts? I am in a Windows 2008 AD. My current policy will be overwritten by the new settings and most my users don't meet the complexity that I will be implementing.