When do new Password Policies take affect?

G

Guest

Hi,

I am about to implement a new password policy on our coporate windows 2000
AD. I have found alot of good information on the MS site, but cannot find
anything that descibes how this change will affect end users.

Im assuming that the policy will apply at next password change, that is,
users that currently have passwords which dont meet the new policy
requirements (which will be 80% of the company!!) will be allowed to keep
their current password, unitl next password change. They then will be
prompted for a password that meets the complexity requirements.

Thanks in advance,

- SE.
 
H

Hank Arnold

FWIW, this has been my experience:

1) the policy goes into effect immediately.
2) the clock on the expiration period starts when the policy goes into
effect.
3) current passwords are not affected by the new requirements (except for
the expiration period). Only new or changed passwords.
4) The policies will not be applied if the "Password never expires" is
checked in a user's AD account.

Basically, your assumption matches my experience...
 
J

Joe Richards [MVP]

If an account hasn't changed its password in 100 days and you set a password
expiration policy of 90 days, the account will be immediately expired. If the
password hasn't been changed in 85 days, the account will expire in 5 days. Etc,
etc, etc.

However, password complexity rules and length/history rules will not be applied
until the user next changes their password.

joe
 
J

Jorge_de_Almeida_Pinto

Hi,

I am about to implement a new password policy on our coporate
windows 2000
AD. I have found alot of good information on the MS site, but
cannot find
anything that descibes how this change will affect end users.

Im assuming that the policy will apply at next password
change, that is,
users that currently have passwords which dont meet the new
policy
requirements (which will be 80% of the company!!) will be
allowed to keep
their current password, unitl next password change. They then
will be
prompted for a password that meets the complexity
requirements.

Thanks in advance,

- SE.
Click to expand...

just as you described
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

AD and Password policy question 12
Password on 2003 server AD. 1
Domain Password Policy 1
Security Enhancements 1
changing administrator password 2
Password Policy Reset to the old setting, Why? 8
Account Policies 3
Group Security Policy not being applied 1

Top