Expired Password Behaviour
During the Hols it appears quite a few of our staff's passwords have expired and having issues with vpn/owa due to the according to the group policy password stuff I have set. This is a) my fault for setting the password expiration to fall in the christmas break and b) their fault for ignoring the warnings that their passwords were going to before the hols... Hey ho..
Now I can get over the problem quite simply by setting the "Password Never Expires" tick box on the user properties as this overrides any group policy setting. This then allows them to get into their account with their previously expired password. Fantastic. Run a quick script and temporarily set this for all the users.
So the scenario is :-
1) Password has expired after x days.
2) I then tick the "Password never Expires" on the user properties so they can login with their expired password.
3) They login and off normally for say 5 days.
4) I then untick the "Password never expires". (for security reasons!)
5) ..Then what happens to the previously expired password?!?
Does the old password just get a new lease of life, perhaps triggered by a login? Or can the expiry day count be rejigged somehow?
Of course I can setup a test, with a test policy, user etc. But am lazy and just wondered on the off chance if anyone knew?