Good afternoon Experts,
We had been requested to lower the max age for password from 120 days to 90 days. Upon looking through group policies on our Server 2008 R2 Domain Controller I cannot find any policies with this max age setting. I have combed through all policies for the users who reported that previously they were prompted to change password and can not find any settings for this. Running a RSOP on a few of these users the only references to a password policy for for minimum length, complexity requirements, and lockout policy (see RSOP screenshot attached). I have confirmed through the Active Directory Administrative Center that these users are in fact some how getting a setting that marks their password to expire after 120 days. I am wondering if anyone has any ideas for tracking down where this is coming from in group policy or is there another way to do this that the previous administrator may have configured?