This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(224.00000000000003, 19%, 31%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDD%3C/text%3E%3C/svg%3E)
I need to enable GPO password security in order users could change change their password every 120 days.
In GPO I configured :
Max password age 120 days
Minimum password age 1 days
Min owd length 8 charaters
Compexity Enabled
Linked to the group users.
Seems okay everything, but it shows that users must change not after 120 days, but 42 days. Could you help me in this issue?
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(96, 62%, 19%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDZ%3C/text%3E%3C/svg%3E)
Hello DiasDT-8403,
How are things going on your end? Please keep me posted on this issue. I appreciate your time and efforts.
Your time is greatly appreciated.
Best Regards,
Daisy Zhou
============================================
If the Answer is helpful, please click "Accept Answer" and upvote it.
Hello DiasDT-8403,
Thank you for posting in our Q&A forum.
For domain password policy, we must configure domain password policy within the "Default Domain Policy" group policy object, the password policy will take effect.
If we configure domain password policy in other custom group policy object instead of the "Default Domain Policy", it will not take effect.
Please check you configured domain password policy within the "Default Domain Policy" group policy object.
Also, please check whether you configured FGPP in your domain. Because if you have configured FGPP, the FGPP will have a higher priority than domain password policy.
For more information about FGPP, please read the link below.
Step-by-Step: Enabling and Using Fine-Grained Password Policies in AD
https://blogs.technet.microsoft.com/canitpro/2013/05/29/step-by-step-enabling-and-using-fine-grained-password-policies-in-ad/
Hope the information above is helpful.
Best Regards,
Daisy Zhou
============================================
If the Answer is helpful, please click "Accept Answer" and upvote it.