Trying to enable a maximum length of time until users of the domain need to change their domain password- to 180 days. The domain is 2003 level, but about to be bumped up to 2008 next week. I have 1 2003 DC, 2 2008 R2 DCs, and 2 2012 R2 DCs. In the default domain security settings, account policies, Password Policy- the settings are attached. It is and has been set to 180 days maximum password age, but it's never asked us to change our password. Also, these are the same settings in the default domain group policy security setting. Why is this not being enforced? I need to enable this password policy across the domain.