none
users password expired, after setting up GPO

    Question

  • Dear All,

    We have 80+ users in AD with 8 OUs. we have set the policy that password never expire for all the users


    Settings was :

    Policy Setting
    Enforce password history 0 passwords remembered
    Maximum password age 0 days
    Minimum password age 0 days
    Minimum password length 8 characters
    Password must meet complexity requirements        
    Enabled
    Store passwords using reversible encryption Disabled

    But still users passwords getting expires, please tell me what i have do ? how can set that password never expire for all the users?





    Srinivasan.B

    Thursday, January 17, 2013 10:31 AM

Answers

  • It is happening 
    for Maximum password age   0 days.  You can put number of days. example 45.

    Best regards Biswajit Biswas Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights. MCP 2003,MCSA 2003, MCSA:M 2003, CCNA, MCTS, Enterprise Admin, MCC, Technet Wiki Ninja



    Thursday, January 17, 2013 10:42 AM
  • Maximum password age determines how many days a password can be used before the user is required to change it. The value of this between 0 and 999; if it is set to 0, passwords never expire. Setting this value too low can cause a frustration for your users; setting it too high or disabling it gives potential attackers more time to determine passwords. For most organizations, set this value to 42 days.http://technet.microsoft.com/en-us/library/cc875814.aspx

    Configure user passwords to never expire
    http://technet.microsoft.com/en-us/library/hh967633.aspx

    Do you have multiple Password polcies applied have you checked the same?Also in Win2003 domain you can have only one Password policies.

    I would not recommend to have all user to have this setting for security reasons.


    Best Regards,

    Sandesh Dubey.

    MCSE|MCSA:Messaging|MCTS|MCITP:Enterprise Adminitrator | My Blog

    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.

    Thursday, January 17, 2013 11:20 AM

All replies

  • It is happening 
    for Maximum password age   0 days.  You can put number of days. example 45.

    Best regards Biswajit Biswas Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights. MCP 2003,MCSA 2003, MCSA:M 2003, CCNA, MCTS, Enterprise Admin, MCC, Technet Wiki Ninja



    Thursday, January 17, 2013 10:42 AM
  • Maximum password age determines how many days a password can be used before the user is required to change it. The value of this between 0 and 999; if it is set to 0, passwords never expire. Setting this value too low can cause a frustration for your users; setting it too high or disabling it gives potential attackers more time to determine passwords. For most organizations, set this value to 42 days.http://technet.microsoft.com/en-us/library/cc875814.aspx

    Configure user passwords to never expire
    http://technet.microsoft.com/en-us/library/hh967633.aspx

    Do you have multiple Password polcies applied have you checked the same?Also in Win2003 domain you can have only one Password policies.

    I would not recommend to have all user to have this setting for security reasons.


    Best Regards,

    Sandesh Dubey.

    MCSE|MCSA:Messaging|MCTS|MCITP:Enterprise Adminitrator | My Blog

    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.

    Thursday, January 17, 2013 11:20 AM