You can change the general password expiration policies in the online GUI but for individual users and to check the state you need to use powershell.
- First make sure you have installed the required module for powershell.
– Azure Active Directory Module for Windows Powershell.
On Windows 10 you can open powershell with run as administrator and run the command:
Install-Module -Name MSOnline
Or you can download the installer from:
You need the AdministrationConfig-V22.214.171.124-GA.msi file.
– For this to install you need to have the Microsoft Online services sign-in assistant > 7.
If you don’t have it you can download it from:
- Now that we have the necessary software we can connect, start powershell for windows azure ad and execute:
- Check if password expiration is set for any of the users:
Get-MSOLUser | Select UserPrincipalName, PasswordNeverExpires
- Change password expiration for all users:
Get-MSOLUser | Set-MsolUser -PasswordNeverExpires $true
Get-MSOLUser | Set-MsolUser -PasswordNeverExpires $false
- Change password expiration for just one user:
Set-MsolUser -UserPrincipalName email@example.com -PasswordNeverExpires $true
Set-MsolUser -UserPrincipalName firstname.lastname@example.org -PasswordNeverExpires $false