We help IT Professionals succeed at work.

Password Policy - Server 2008 R2

Hello,

I am trying to setup a 90 day refresh of user passwords in AD.

What is the maximum and minimum password age? What do i need to set to make this work?
Comment
Watch Question

Commented:
Maximum password age will be 90 days, minimum is the time before the user can change again, I normally make this 7 days but that is upto you. See link below for help in setting it up

http://www.grouppolicy.biz/2011/08/tutorial-how-to-setup-default-and-fine-grain-password-policy/

Don't forget a reminder to let the users know their password is going to expire

Group Policy - Default Domain - Policies - Windows Settings - Security Settings - Local Policies - Security Options

Interactive logon: Prompt user to change password before expiration

Author

Commented:
i put this into effect and it started prompting users to change their password right away.

How do i delay this a bit??

Commented:
This is because all password are already older than 90 days or are close to 90 days. You need to get everyone to reset their password before making it live.