When you set this policy it applies to the next time the users change their password. It doesn't set them all to expire in 90 days as soon as you
change them.
--
Paul Bergson MCT, MCSE, MCSA, CNE, CNA, CCA
This posting is provided "AS IS" with no warranties, and confers no rights.
"Mike" <Mike@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:DA64BAD5-BF45-4A8D-BA8B-D1684055D3CE@xxxxxxxxxxxxxxxx >I have about 1000 users in 4 OUs.
> The password policy has previously been for passwords not to expire.
> The new policy is for passwords to expire after 90 days.
> Is there a way to implement this by staggering the expiry and not having
> all
> the passwords expire at the same time in 90 days?
Re: Password Renewal ... > or you can expire the accounts in batches ahead of time. ... > Joe Richards Microsoft MVP Windows Server Directory Services... >> The password policy has previously been for passwords not to expire. ... (microsoft.public.windows.server.active_directory)
Re: How To Enabling a Password Policy ... > passwords is on the system configuration side not the ... limited testing running this on a Win2K Pro workstation to force admins... to change their passwords over X days old (set on PDC).... ::Avoid admins whose accounts are set never to expire.... (microsoft.public.win2000.security)
Re: Group Policys and Passwords ... Either you have two separate domains or you are implementing it at a local ... There is only one pw policy per domain.... ... it's not a great idea to have all passwords expire the same day. ... (microsoft.public.windows.server.general)
Re: Password expirey ... Passwords expire based on the pwdlastset time being older than the current date minus the domain password policy. ... So yes, if you get all of the passwords expired and set in time, when you turn on the policy, no one will expire until their password age hits the date. ... (microsoft.public.windows.server.active_directory)
Re: Password expiration message? ... The FTP server userid is specifically non-TSO-enabled. ... a report of IDs with passwords about to expire, and for the ones that you care about you issue ALTUSER whatever-id PASSWORDNOEXPIRED ... Or, you make those IDs have non-expiring passwords, and change them at your convenience, rather than every normal interval of time. ... Or you use something like SFTP (provided on z/OS by OpenSSH) and its public/private key support to avoid password expiration. ... (bit.listserv.ibm-main)
