Pretty sure I know the answer to this one but just looking for a confirmation from other experts.
Im about to make a change to the AD password length and complexity GPO. Im pretty sure flipping this on will only affect users once their password is expired and needs to be changed. Anyone whos password still is within the expiration limit will be able to use the non-complex password until the day their password needs to be changed. Then complexity will be required.
Am I right, just double checking before pulling the trigger.