Password Expiration Policy
- Click Start > Search for Windows PowerShell > Right click ‘Run as administrator’.
- To establish connection, Open Windows Powershell (Run as administrator) then enter the Global Admin credential (Email address format) after running below script
$cred = Get-Credential
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/powershell -Credential $cred -Authentication Basic –AllowRedirection
- Then we need to make sure we have Microsoft Online Module for Powershell already installed, in case if we don’t please download it from below source :
64 bit module version – http://go.microsoft.com/fwlink/p/?linkid=236297
It may ask us to install the Microsoft Online Services Sign-In Assistant from below link : http://www.microsoft.com/en-us/download/details.aspx?id=39267
Then run the below commands and when asked enter the Global Administrator credentials again
- To set the password policy to never expire, we may run the below commands
- For Individual user :-
Set-MsolUser –UserPrincipalName firstname.lastname@example.org -PasswordNeverExpires $True
- For All Users in the Organisation :-
Get-MsolUser | Set-MsolUser –PasswordNeverExpires $True
- To verify if password is set to never expire run the following command.
Get-MsolUser –UserPrincipalName email@example.com | fl
See the below variable in the command shell ( PasswordNeverExpires :True )
- To set the password expiration to some number of days at domain level :
Set-MsolPasswordPolicy -DomainName domain.com -NotificationDays 15 -ValidityPeriod 180
Note : Once we create a new user, we will have to set the password policy for that user again, as it is not possible to inherit that policy to the new user, so we will need to run the above commands again.