Thank you for posting this in Microsoft Q&A.
What will users see when we implement password protection for on-prem AD?
Password protection for on-prem AD is a feature that helps you enforce strong passwords in your organization by using a global and custom banned password list. The password protection is implemented for on-premises Active Directory Domain Service, users will see error messages when they try to reset or change their password to something that is banned.
What kind of error message will be displayed when user is trying to reset the on-prem password on their windows laptop? Is it going to display the existing policy details for on-prem AD + the new error messages for banned password?
When a user attempts to reset or change a password to something that would be banned, one of the following error messages are displayed: 1.Unfortunately, your password contains a word, phrase, or pattern that makes your password easily guessable. Please try again with a different password. 2.We've seen that password too many times before. Choose something harder to guess. 3.Choose a password that's harder for people to guess".
Do we need to adjust some configuration (GPO settings) within on-prem AD so that it will display the banned password error messages?
No, you don't need to adjust any Group Policy Object (GPO) settings within on-premises Active Directory Domain Service (AD DS) to display the banned password error messages.
For your reference: Enable on-premises Microsoft Entra Password Protection
Hope this helps. Do let us know if you any further queries.
Thanks,
Navya.