Windows 8.1 Password Policy on Local Account that is part of domain
Posted on 2014-09-17
We have a remote user with a Windows 8.1 local account. He is receiving the "Your password has expired and must be changed" message on his local account when he tries to log in when he first turns on his PC. This PC is a part of the domain, but this is the local account where he is trying to sign in. Our default password policy for maximum password age is 180 days on our domain - Windows Server 2008 R2. The network user name (which is the same as his local user name) is set in Active Directory to "password never expires".
We have not encountered this problem until we started using Windows 8.1 computers. We would like this person's password to never expire. I signed into the local admin account on his PC, removed it from the domain, set the local password policy to a maximum age of 0 days, rebooted and logged in as the local user. It worked for one day. Today we are back at the "Your password has expired" message.
I understand that the domain policy may be overriding the local policy, but I am unsure as to why the "password never expires" setting in Active Directory would not be used.
I'm looking for ideas on how we can set this local user account to never expire.