Connect with the Microsoft Azure Active Directory Module for Windows PowerShell
Commands in the Microsoft Azure Active Directory Module for Windows PowerShell have Msol in their cmdlet name.
Step 1: Install required software
These steps are required once on your computer, not every time you connect. However, you’ll likely need to install newer versions of the software periodically.
Install the 64-bit version of the Microsoft Online Services Sign-in Assistant: Microsoft Online Services Sign-in Assistant for IT Professionals RTW.
- Install the Microsoft Azure Active Directory Module for Windows PowerShell with these steps:
- Open an elevated Windows PowerShell command prompt (run Windows PowerShell as an administrator).
- Run the Install-Module MSOnline command.
- If prompted to install the NuGet provider, type Y and press ENTER.
- If prompted to install the module from PSGallery, type Y and press ENTER.
Step 2: Connect to Azure AD for your Office 365 subscription
To connect to Azure AD for your Office 365 subscription with an account name and password or with multi-factor authentication (MFA), run this command from a Windows PowerShell command prompt (it does not have to be elevated):
- Install both program as Per Above.
- Open up a PowerShell command session and type in “Connect-MsolService”.
- Enter your credentials at the prompt.
- Once you are successfully authenticated, enter the following command to set a user’s password to never expire:
Set-MsolUser -UserPrincipalName <email@example.com> -PasswordNeverExpires $true
If you know a little bit about PowerShell, then you know that, if the verb in a command is “Set,” you can also use “Get” to retrieve information or properties about a certain object. In this case, you can use “Get-MsolUser” to see if the user’s password has already been configured to never expire; to do so, you use the following command, which selects the attribute to display in response to our command:
Get-MsolUser -UserPrincipalName <firstname.lastname@example.org> | Select PasswordNeverExpires
You can extrapolate from this command to see the password expiration statuses of all users in your tenant using the following command:
Get-MSOLUser | Select UserPrincipalName, PasswordNeverExpires
You can also combine these commands to set the passwords for all users in your tenant to never expire; this is done using the pipelining feature of PowerShell. Here, you get a list of users from “Get-MsolUser” and then pipe that information to “Set-MsolUser,” omitting the specific reference to names (as those will be fed into the new command from the pipeline) and leaving the attribute configuration the same:
Get-MsolUser | Set-MsolUser –PasswordNeverExpires $true
Configuring Using the Graphical User Interface
If you’re afraid of the PowerShell command line, here are two pieces of advice. First, do not fear it, for it is your friend. Second, know that there is also a way to disable password expiration from the web-based Office 365 administration console. You will need to have administrator credentials for this. This will set the Policy for all users in the Office 365 account
- Sign in at https://portal.office.com/adminportal/home.
- From the Settings menu, select “Security and privacy,” and then click “Edit.”
- Under “Password policy,” click the box hat says “Set user passwords to never expire.”
Follow these steps and you will not be annoyed by Office 365 password expiration notification emails any more.