Solved

Password policy on Server 2008

Posted on 2014-11-25
5
175 Views
Last Modified: 2014-11-25
Hi,
I have a Server 2008 domain with about 20 users on it. Up to now they have all had their password set to not expire in AD, we want to now introduce a password policy. If I enable a password policy of say for example change every 180 days and deploy it - will that immediatley force the users to change their passwords or will they get prompted in 180 days from when the policy is active?

Thanks
Andrew
0
Comment
Question by:activateahsd
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 29

Accepted Solution

by:
becraig earned 500 total points
ID: 40464472
Short answer immediately

From my testing these settings can be seen by the user without logon, logoff, reboot, or GPO refresh.  As soon as the policy is written and replicated (FGPP or Domain policy) changes to the following settings will be in effect and can impact immediately or very soon.

   Minimum password age
    Maximum password age

    Lockout duration
    Lockout threshold
    Observation window

Good reading.
http://blogs.technet.com/b/askpfeplat/archive/2013/10/11/active-directory-password-policies-when-does-a-password-policy-change-affect-a-user.aspx
0
 

Author Comment

by:activateahsd
ID: 40464479
thats what i thought - thanks!
0
 

Author Closing Comment

by:activateahsd
ID: 40464480
:)
0
 
LVL 29

Expert Comment

by:becraig
ID: 40464492
Bear in mind the assumption here is the user has never changed the password, as such the AD will determine if last change is older than your policy date and force the change.

That being said since you will not know when the last change occurred if at all, it is safest to assume this can and will take immediate effect and act accordingly to minimize impact / downtime.
0
 

Author Comment

by:activateahsd
ID: 40464497
yep understood.
Thanks again...
0

Featured Post

Enroll in May's Course of the Month

May’s Course of the Month is now available! Experts Exchange’s Premium Members and Team Accounts have access to a complimentary course each month as part of their membership—an extra way to increase training and boost professional development.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article explains the steps required to use the default Photos screensaver to display branding/corporate images
Always backup Domain, SYSVOL etc.using processes according to Microsoft Best Practices. This is meant as a disaster recovery process for small environments that did not implement backup processes and did not run a secondary domain controller that ne…
This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job. The first step is to acquire the necessary licen…
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.

710 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question