Link to home
Start Free TrialLog in
Avatar of Winsoup

asked on

Password Policy with GPO

If I set up a GPO that says passwords expire every 90 days but in Active Directory I have some accounts set to Never Expire and User Cannot Change Password. Which one is going to take precedence? Do I need to create a deny rule for those to not change or is having it set up this way good?
Avatar of Toni Uranjek
Toni Uranjek
Flag of Slovenia image

Link to home
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of Winsoup


Ok, just wanted to make sure the Group Policy wouldn't override those settings.
No, but it will trigger password change for all other user accounts at next log on.