<div>
Ok, just wanted to make sure the Group Policy wouldn't override those settings.
</div>


<div>
No, but it will trigger password change for all other user accounts at next log on.
</div>


<div>
<div class="content wysiwyg-content">
If I set up a GPO that says passwords expire every 90 days but in Active Directory I have some accounts set to Never Expire and User Cannot Change Password. Which one is going to take precedence? Do I need to create a deny rule for those to not change or is having it set up this way good?
</div>
</div>


If I set up a GPO that says passwords expire every 90 days but in Active Directory I have some accounts set to Never Expire and User Cannot Change Password. Which one is going to take precedence? Do I need to create a deny rule for those to not change or is having it set up this way good?

Password Policy with GPO

Active Directory (AD) is a Microsoft brand for identity-related capabilities. In the on-premises world, Windows Server AD provides a set of identity capabilities and services, and is hugely popular (88% of Fortune 1000 and 95% of enterprises use AD). This topic includes all things Active Directory including DNS, Group Policy, DFS, troubleshooting, ADFS, and all other topics under the Microsoft AD and identity umbrella.

Active Directory

Windows Server 2008 and Windows Server 2008 R2, based on the Microsoft Vista codebase, is the last 32-bit server operating system released by Microsoft. It has a number of versions, including including Foundation, Standard, Enterprise, Datacenter, Web, HPC Server, Itanium and Storage; new features included server core installation and Hyper-V.