Quick question about password policy -
In the midst of a domain consolidation, it started out simple with keeping passwords the same, but we want to introduce complex password policies, but don't want to impact users until all applications (SPNs, LDAP Referrals) are also updated.
We are getting ready to test when applied but of course turned to online forums first to see if there is a quick answer.
We set the password policy at the domain level (this is Windows Server 2003 and they are still pushing back on upgrading to 2008 I know we can do finer grained policies there).
If I set a complex password policy, will it be enforced only when the users password is expired or changed? Or, will all users be forced to change password once policy refreshes? Like I said getting ready to test but it looks like from documentation that the policy will not be enforced until the password is changed.
Is this a correct assumption?
Thanks