I ran into this one recently as a user account for Cisco CUC had been created in Entra ID only and not on-premise and allowed to sync. It's just a few PS commands and you can set the password to never expire.
NOTE: You must be a global admin or password administrator to perform these changes.
I ran all of these commands from an Exchange 2019 on-premise server running in hybrid mode.
1. Connect to Exchange Online
Connect-ExchangeOnline
2. Connect to Microsoft Graph PowerShell and to the required scopes.
Connect-MgGraph -Scopes "User.ReadWrite.All","Group.ReadWrite.All"
3. To check a user's account to see if the password expiration is set run this command:
Get-MGuser -UserId <user id or UPN> -Property UserPrincipalName, PasswordPolicies | Select-object UserPrincipalName,@{N="PasswordNeverExpires";E={$_.PasswordPolicies -contains "DisablePasswordExpiration"}}
4. To set the password of one user to never expire, run this command:
Update-MgUser -UserId <user ID> -PasswordPolicies DisablePasswordExpiration
These commands will allow you to set the password policy to never expire for just a single user account as needed. For more details on how to change it for all users and check for all users, you can reference the official Microsoft Learn article HERE.
Good luck!
No comments:
Post a Comment