I recently took over a network that utilizes the force password GPO setting. The force password change setting is implemented via the default domain policy. The problem is all authenticated users receive this policy. I assume this will cause my service accounts to be forced to change their passwords. And.. Will also cause my domain admins to change their password. Should I create a new GPO and enable the setting there so I can deny the GPO settings to my service accounts and domain admins but allow for everyone else? And then set the original setting to not configured? Since it's currently part of the default domain GPO I'm wanting to void changing the permissions on it.