Password policy for Server 2012 domain

hodgem
hodgem used Ask the Experts™
on
Hi - so we're running a domain on a 2012 server, and one of the users called a told me that she was being prompted to change her domain password every 6 months, and wanted to see if that could be disabled. We decided to do this for the all users, so i went into the GP and disabled the password expiration, so it didnt ever ask for users to change it. She came in this morning and as soon as she booted up and logged in, a pop-up in the bottom right came up saying "your password is expiring in 4 days" - am i doing something wrong?
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Scott CSenior Engineer

Commented:
First of all that is not best practices to have passwords never expire.  Most companies have passwords changing every 2 months or so.

My guess is that since she was prompted, she will continue to get prompted until the password is changed.  

You can do this in ADUC.  Just right click on her account and reset password.

But again, what you are doing is putting your network at risk.
Senior Solution Architect
Most Valuable Expert 2015
Top Expert 2015
Commented:
She came in this morning and as soon as she booted up and logged in, a pop-up in the bottom right came up saying "your password is expiring in 4 days" - am i doing something wrong?

Password Policy, ONCE CHANGED, they do NOT apply until the user manually changes their password or it expires. Once they type in the NEW password the new Password Policy will take affect.

Change the Password within Active Direcotry Users and Computers does not count for this, as it ignores the password policy.

Will.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial