What is the impact to change the policy Maximum Password Age 60 Days to 0 Day?

Hello everyone,

I need to change temporarily to complete a migration password policy Maximum Password Age 60 Days to 0 days.

What will be the impact on users?

You will be prompted immediately for users to change the password?

I tried to find some official Microsoft document and found nothing about it.

Could someone show me an official documentation on the impact of this change?

Thank you very much.
LVL 1
lucianolimaAsked:
Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

x
 
VB ITSConnect With a Mentor Specialist ConsultantCommented:
Yep, I have. Setting it to 0 days just means their passwords will never expire as stated above. They will continue to be able to use their existing password without any issues.
0
 
Phillip BurtonConnect With a Mentor Director, Practice Manager and Computing ConsultantCommented:
I believe that 0 days means "never expires". In other words, they won't be prompted to change the password, because they don't need to.

See http://technet.microsoft.com/en-gb/library/cc736566%28v=ws.10%29.aspx for more information.
0
 
HaiFaiCommented:
If you set it to 0 password neverexpire so minimum days is 1 max 998

http://technet.microsoft.com/en-us/library/cc736566%28v=ws.10%29.aspx
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

 
lucianolimaAuthor Commented:
I had also found such documentation, but they are not clear regarding the exchange I need to do.

In theory I agree with you and make much sense this, but as I cannot reproduce this scenario and particularly I have never done this type of change to 0 days I am concerned about the impact this may cause to users.

Has anyone done this in practice?
0
 
lucianolimaAuthor Commented:
Thank you very much All.

I will make the changes in the days and warning everyone about the result.
0
 
lucianolimaAuthor Commented:
Hello everyone,

I was able to reproduce the changes in a lab environment.

Before you change the Password Policy I ran the command:

net user% USERNAME% / domain

The result was display the expiration date of the account:

Password Expires --> 1/13/2015 10:00:30 PM

Then I changed the Password Policy and execute gpupdate/force in Domain Controller and ran the command again and the result was showing that the password never expires.

Password Expires --> Never
0
All Courses

From novice to tech pro — start learning today.