Avatar of N00b2015
N00b2015 asked on

MS 365 Password Policy - Global Admin Accounts

Can someone help me in regards to MS 365 Password Policy.

I know i can set a password policy on 365. Pretty simple to do, but would this also apply to the global admin/owner account also?

I would like everyone's password in the 365 domain to request change at a certain date. Doing research and testing on powershell, i can see that the global admin/owner account does not have a value when i process the Get-MSOLUser | Select UserPrincipalName, PasswordNeverExpire . It is blank.

I know i can set this manually by running a set script in Powershell but there must be a reason why MS decided not to include it. Quite silly to have it not changeable in my opinion...

your help is greatly appreciated.
PowershellMicrosoft OfficeMicrosoft 365

Avatar of undefined
Last Comment
N00b2015

8/22/2022 - Mon
SOLUTION
Adam the 32-bit Aardvark

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
See how we're fighting big data
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
ASKER
N00b2015

Thank you code!

I was thinking the same. Also, in regards to AD sync. I do not personally use it for 365, just for their mail etc but it could be a feature in the backend for MS? I'm just cautious of setting the value back to expire for a particular reason. Either way, I've submitted a response to MS and await their reply which i'll post back here.
SOLUTION
Adam the 32-bit Aardvark

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
See how we're fighting big data
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
ASKER
N00b2015

Thank you.

I think in my scenario...

There is a small company of 4 members of staff which has the most simplest of setup. The owner has bought 365 but doesn't do any of the admin side, I do for their mail. Although, i'm not an active support user for them, as i would like them to be as much independent to an extent but would like to protect their security also. So as their admin, i don't go on the console as often, thus possibly missing the password expiry. The only impact i could see with a global admin account expiring, would be that the owner would have to go through the password recovery setup, which is fine.
SOLUTION
Log in to continue reading
Log In
Sign up - Free for 7 days
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
ASKER CERTIFIED SOLUTION
Log in to continue reading
Log In
Sign up - Free for 7 days
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
ASKER
N00b2015

That makes sense if it is blank! Thank you everyone for your help. I just used set-mslouser to ensure that field was set to $false to expire.
All of life is about relationships, and EE has made a viirtual community a real community. It lifts everyone's boat
William Peck