I have become terribly confused over password policies.
Why are they configured under Computer Configuration (Windows\security\account\password)?
I need to apply password policies to my domain users (all contained in a user OU).
My two concerns here are -
1. I run an AD report on passwords due to expire in 30 days - if this policy only applies to Computers, how will it affect my user accounts?
2. It is imperative only the Users OU is affected, thus I applied the policy top this but it appears my machine (as a test) is picking it up from the Default Domain Policy which of course is covering my machine and the OU my machine is in.
Any transparency on this issue would be greatly appreciated.
For all my service accounts, I have set "Password Never Expires" can you assure me that this setting will always override the domain policy?