question

JoshPerrin-8169 avatar image
0 Votes"
JoshPerrin-8169 asked michev answered

Set complex user passwords for specific group

Hi There,

I am looking at how I can set more complex password requirements for Cloud only Azure AD users.

After reading this MSFT post here. I have been able to set apply the default password policy individually to a number of users. However I now need to apply more granular requirement (preferably to a group) to set the password expiry to 30 days instead of 90 and also extend the amount of character required.

In the guide is suggests to use "Set-MsolUser" cmdlet but I can’t find any reference syntax to apply and review.

We are running Windows 10 machines connected to Azure AD and managed by InTune.

Any pointers would be greatly appreciated.



azure-active-directory
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

michev avatar image
0 Votes"
michev answered

Password policies are configured per domain, only the "password never expires" setting can be toggled on a per-user basis. Also, the only control we have over the password length is the "strong" password toggle, you cannot specify a custom length. If you must enforce such requirements, configure AD FS or PTA (in other words redirect the authentication process to on-premises or external system).

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.