This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(192, 98%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EYK%3C/text%3E%3C/svg%3E)
Dear Team,
I have set password expire days as 180 days but user password get expire within 90 days. whenever I run net user xxxx /domian command it showing password will expire in 90 days. Please help me to set password expire days as 180 Days
Server 2016 Standard Edition.
Thanks
Yogesh
Hello Team,
As per the snap I have already done the same setting but whenever I checked with net user command it showing only 90 Days.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(281.6, 80%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ETB%3C/text%3E%3C/svg%3E)
Hi,
You have to edit the password policy applied on impacted users in order to set the value 180 days for Maximum password age settings.
To set password policy , you can use GPO default domain policy or Fine Grained Password Policy:
password-policy-active-directory
fine-grained-password-policy-best-practices
Please don't forget to mark this reply as answer if it help you to fix your issue
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(233.6, 96%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EFF%3C/text%3E%3C/svg%3E)
Hi,
There are 2ways to set the password policy in AD :
One is to configure it through GPO :Default domain policy
https://learn.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/password-policy
One is the FGPP (only for users and groups):
https://learn.microsoft.com/en-us/archive/blogs/canitpro/step-by-step-enabling-and-using-fine-grained-password-policies-in-ad
When using “net user samAccountName /domain“, the value returned by “Password expires” doesn’t take in consideration the fine grained policies.
It only shows the domain password policy.
You can considered the following Powershell command to confirm the password expired date.
Get-ADUser -filter {Enabled -eq $True -and PasswordNeverExpires -eq $False} –Properties "DisplayName", "msDS-UserPasswordExpiryTimeComputed" |
Select-Object -Property "Displayname",@{Name="ExpiryDate";Expression={[datetime]::FromFileTime($_."msDS-UserPasswordExpiryTimeComputed")}}
Get-ADUserResultantPasswordPolicy USERNAME
