How to exclude Office 365 Global Admin from password expiration policies

Issue: the password expiration of the Office 365 global administrator account will cause Azure AD Connect and DirSync to stop synchronizing on-prem AD to Office 365 Azure AD.

Prevention: One solution is to exclude your Office 365 global admin account from password policies and set it’s password to never expire.  Note: Always have a very strong password on your Office 365 global admin account.

  1. launch an instance of Office 365 PowerShell connected to your tenant
  2. Run the following command:
    Set-MsolUser -UserPrincipalName globaladmin@yourdomain.com -PasswordNeverExpires $true

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.