I want to spend some words about changing password policy in Office 365, where ADFS is not installed. In these cases, we have usually two passwords – one for local system and one for online environment. This is an exception in Essentials server, because it is possible to synchronize on premise and online environment, but we can do some nice things also in other environments with few PowerShell commands. The thing that is really not good and is not possible to change is the password structure. We must preserve password 8 to 16 characters long and with allowed characters (http://community.office365.com/en-us/wikis/administration/characters-in-passwords-or-user-names-in-office-365.aspx).
Anyway, you can change some settings like password age, password expiration and you can do this for user or for domain. The first thing, that you have to do, is install Office 365 cmdlets from this link (http://onlinehelp.microsoft.com/office365-enterprises/hh124998.aspx). On this point, you have to install two things: Microsoft Online Services Sign-In Assistant and Microsoft Online Services Module for Windows PowerShell. After this operation,you are ready to begin.
The first step to do is connecting to Office 365 environment. For this you need three simple PowerShell commands and credentials of administrative account:
Import-Module MSOnline
$O365Cred = Get-Credential
Connect-MsolService -Credential $O365Cred
After this you can change password policy with command Set-MsolPasswordPolicy -ValidityPeriod 60 -NotificationDays 14 -DomainName domain.com, which will change policy for domain named domain.com. The password validity period will be 60 days with notification to change password 14 days before it will expire.
If you want to set password never expire to user, you have to do user by user with command Set-MsolUser -UserPrincipalName <user ID> -PasswordNeverExpires $true. Of course is possible to automate also this task and for example, if you want to do this step for all users it is very simple: Get-MSOLUser | Set-MsolUser -PasswordNeverExpires $true.
Good work..
