Hi Recently we migrate our local domain to a regional domain leaving the messaging system on the local domain. So right now we have a domain used by all the users for all the network services, and a second domain being used only to handle the messaging system. The users logon to the regional domain, and when they open outlook they logon to the local domain. Once we moved to the new domain, we decided to increase the password age policy. I checked all the policies over the local domain and there's no place left where I didn't changed the Maximum Password Age policy to 90 days but no matter what the accounts of the users keeps expiring each 30 days. What I'm doing wrong? Why the old domain keeps expiring the account ignoring the polocies set up on that domain? Thanks in advance. Regards. WDNV

just start Group Policy Management Console and create Group Policy Modeling model for one of the DCs in the domain which contains the user accounts (that should be the regional if I understand correctly you explanation).Also, you can use ADSI Edit in that account domain and look into properties of the Default Naming Context of that domain (the domain root node). There should be an attribute called MaxPwdAge which is acutally what is enforced on the user accounts.Are you sure the user accounts are really located in the correct domain?ondrej.