Password policy on Server 2008

I have a Server 2008 domain with about 20 users on it. Up to now they have all had their password set to not expire in AD, we want to now introduce a password policy. If I enable a password policy of say for example change every 180 days and deploy it - will that immediatley force the users to change their passwords or will they get prompted in 180 days from when the policy is active?

Who is Participating?
becraigConnect With a Mentor Commented:
Short answer immediately

From my testing these settings can be seen by the user without logon, logoff, reboot, or GPO refresh.  As soon as the policy is written and replicated (FGPP or Domain policy) changes to the following settings will be in effect and can impact immediately or very soon.

   Minimum password age
    Maximum password age

    Lockout duration
    Lockout threshold
    Observation window

Good reading.
activateahsdAuthor Commented:
thats what i thought - thanks!
activateahsdAuthor Commented:
Bear in mind the assumption here is the user has never changed the password, as such the AD will determine if last change is older than your policy date and force the change.

That being said since you will not know when the last change occurred if at all, it is safest to assume this can and will take immediate effect and act accordingly to minimize impact / downtime.
activateahsdAuthor Commented:
yep understood.
Thanks again...
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.