anonymous user
Since you have hybrid setup, I am guessing that you are using AD connect to sync users from on-premises to Azure AD. If you are using AD connect and if you have configured Password Sync as well, you would first need to Enforce cloud password policy for Password Synced Users by using below cmdlet,
• Open PowerShell as administrator.
• Install the MsOnline module by using command “Install-Module MsOnline”
• Run command “Connect-MsolService” and enter the global admin credentials of Azure AD.
• Run below commands,
• Set-MsolDirSyncFeature -Feature EnforceCloudPasswordPolicyForPasswordSyncedUsers -Enable $true
• Set-MsolPasswordPolicy -ValidityPeriod 60 -NotificationDays 14 -DomainName <domain name to which you want to apply the policy>
• next time when user changes the password in onpremise, the user properties in cloud attribute "passwordneverexpires" value will be changed
to null or false.
• This will let the users know about password expiry before number of days that is configured as "notificationdays" in above command.
Do let us know if you have any further questions on this.
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.