We have half of our users who’s passwords where set to never expire during our Win7 roll out. There is an existing policy to force passwords to change every 90 days. Most of these accounts are pass the 90 days from the time the check box for never expire was implemented. If We unchecked the box and with that policy in place what is the expected behavior?
- Will they be locked out immediately and be forced to log off and change their password?
- What about remote users? Are they locked out until they get back on the domain?
- Or is the 90 days policy reset upon unchecking the box and accounts will not need to change until 90 from now?
What's the best way to avoid having all these user forced to recreate their passwords?