post

How to: Set “Password Never Expires” on Office 365 accounts.

This isn’t something we’d recommend for normal operations. 

However, using Office 365 with external applications isn’t great when it comes to dealing with password resets. In many cases, the first thing a user knows is that their email no longer connects, as the countdown warnings on a regular domain account don’t necessarily apply.

With this in mind, it may be beneficial to set users’ Office 365 accounts to have their passwords never expire automatically. In this way, you can give people fair warning of when they’ll need to change their passwords and let them know what they need to do.

So the basic process is: Prepare your administrative login to MSOnline, Connect, Change the relevant attribute for your user.

  1. Launch the Powershell
  2. Ensure the scripts are permitted to run:
    • set-executionpolicy remotesigned
  3. Supply your Office 365 administrative login:
    • $cred=Get-Credential
  4. Connect to the Office 365 administrative service:
    • $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/powershell/ -Credential $cred -Authentication Basic -AllowRedirection
      import-PSSession $Session
  5. Change the user account to have the privilege (replace the bold, italic part)
    • set-msoluser -userprincipalname user@domain.com -passwordneverexpires $true
  6. The account should no longer demand password resets.

If you use this policy, you should arrange frequent, manual resets with your service users.

 

Leave a Reply