Skip to main content

Fine-grained password policy support in Azure AD DS

Published date: October 17, 2018

The default password lifetime in Azure Active Directory Domain Services (AD DS) is 90 days. Many customers who have longer password lifetimes configured in Azure AD found their users’ passwords were expiring sooner in Azure AD DS. Many other customers gave us feedback that they’d like to configure custom password lifetime, complexity, and account lockout settings for user accounts in custom OUs within Azure AD DS.


You can now configure fine-grained password policies in Azure AD DS managed domains. For more information, see the documentation.

  • Microsoft Entra Domain Services
  • Features