Onsite or Remote Support
Call (519) 573-3759
One of the questions that we are most frequently asked is regarding users or administrators who subscribe to Office 365 but who are tired of receiving Office 365 password expiration notifications. These users might not be used to the service’s default password expiration policy, especially if they are coming from in-house systems that had more lenient expiration requirements. Although I am not entirely convinced that setting passwords to never expire is smart, if you choose secure passwords and use multifactor authentication, I do not think that disabling password expiration in Office 365 causes major difficulties.
As always, good old PowerShell can come to the rescue. First off, set yourself up to connect to the service through PowerShell remoting. If you have not done this yet, you will need two pieces of software: the Microsoft Online Services Sign-In Assistant for IT Professionals RTW (yes, that’s the official name) and the Azure Active Directory Module for Windows PowerShell.
If you know a little bit about PowerShell, then you know that, if the verb in a command is “Set,” you can also use “Get” to retrieve information or properties about a certain object. In this case, you can use “Get-MsolUser” to see if the user’s password has already been configured to never expire; to do so, you use the following command, which selects the attribute to display in response to our command:
You can extrapolate from this command to see the password expiration statuses of all users in your tenant using the following command:
You can also combine these commands to set the passwords for all users in your tenant to never expire; this is done using the pipelining feature of PowerShell. Here, you get a list of users from “Get-MsolUser” and then pipe that information to “Set-MsolUser,” omitting the specific reference to names (as those will be fed into the new command from the pipeline) and leaving the attribute configuration the same: