This is the built-in help made by Microsoft for the command 'Set-ADDefaultDomainPasswordPolicy', in PowerShell version 5 - as retrieved from
Windows version 'Microsoft Windows Server 2012 R2 Standard' PowerShell help files on 2016-06-23.
For PowerShell version 3 and up, where you have Update-Help, this command was run just before creating the web pages from the help files.
Modifies the default password policy for an Active Directory domain.
Set-ADDefaultDomainPasswordPolicy [-Identity] <ADDefaultDomainPasswordPolicy> [-AuthType {Negotiate | Basic}] [-ComplexityEnabled <Boolean>] [-Credential <PSCredential>]
[-LockoutDuration <TimeSpan>] [-LockoutObservationWindow <TimeSpan>] [-LockoutThreshold <Int32>] [-MaxPasswordAge <TimeSpan>] [-MinPasswordAge <TimeSpan>]
[-MinPasswordLength <Int32>] [-PassThru] [-PasswordHistoryCount <Int32>] [-ReversibleEncryptionEnabled <Boolean>] [-Server <String>] [-Confirm] [-WhatIf] [<CommonParameters>]
The Set-ADDefaultDomainPasswordPolicy cmdlet modifies the properties of the default password policy for a domain. You can modify property values by using the cmdlet
parameters.
The Identity parameter specifies the domain whose default password policy you want modify. You can identify a domain by its Distinguished Name (DN), GUID, Security
Identifier (SID), DNS domain name, or NETBIOS name. You can also set the parameter to an ADDomain object variable, or pass an ADDomain object through the pipeline to the
Identity parameter. For example, you can use the Get-ADDomain cmdlet to retrieve a domain object and then pass the object through the pipeline to the
Set-ADDefaultDomainPasswordPolicy cmdlet.
<
Online Version: http://go.microsoft.com/fwlink/p/?linkid=291115
Get-ADDefaultDomainPasswordPolicy
<
-------------------------- EXAMPLE 1 --------------------------
PS C:\>Set-ADDefaultDomainPasswordPolicy -Identity fabrikam.com -LockoutDuration 00:40:00 -LockoutObservationWindow 00:20:00 -ComplexityEnabled $True
-ReversibleEncryptionEnabled $False -MaxPasswordAge 10.00:00:00
This command sets the default domain password policy for a domain specified by using the Identity parameter. Note: setting MaxPwdAge to 0 will convert it to never, which is
Int64.MinValue or -9223372036854775808 in the directory.
-------------------------- EXAMPLE 2 --------------------------
PS C:\>Get-ADDefaultDomainPasswordPolicy -Current LoggedOnUser | Set-ADDefaultDomainPasswordPolicy -LockoutDuration 00:40:00 -LockoutObservationWindow 00:20:00
-ComplexityEnabled $true -ReversibleEncryptionEnabled $false -MinPasswordLength 12
This command sets the default domain password policy for the current logged on user domain.