First prompt regarding the password change

domain password policy in our domain weak (blank passwords, no expiration, etc). in near future plan enable of password settings including minimal password length & max password age. receive prompt new password @ next logon, or prompted after max password age days + next logon?

 

many users have enabled password never expires property @ account properties. assume have disable property before enabling new password settings?

 

we posses win server 2003 r2 , xp & 7 clients.

existing passwords that

1) set never expire: never prompted update password meet new criteria.  if manually change new password must meet new minimum password length/complexity requirements.  if remove password never expires setting they fall #2 or #3 below

2) are >= to the max password age requirement: force change password @ next logon , must meet new minimum password length/complexity requirements.

3) < max password age requirement: nothing happes.  users prompted when password age >= max password age requirement.

 

 

Windows Server  >  Management