Intune Password Policy Precedence

Copper Contributor

Hi All


Having difficulty trying to figure out the following


I have created a password policy on Intune for my MDM device (windows 10 pro)

However, i notice that the more restrictive policies always take precedence.


For example

Local machine has policy to expire user password every 5 days.

On Intune the policy for password expiration is set to 10 days.

Local machine password expiration policy will take effect. 

Likewise for option such as password length.


I will like to ask if

i) is that the expected behavior?

ii) is there anyway to force intune created policies onto the local device?


Thanks in advance!




3 Replies
The password policy only applies to local user accounts, not Azure AD accounts. For this you can check
Hi good morning

Normal when policies are pushed with intune the most restrictive one will win. But could you explaining the "local policy" part? do you have an hybrid environment/old gpo's which are pushing this setting?
If so, then you perhaps need to set ./Device/Vendor/MSFT/Policy/Config/ControlPolicyConflict/MDMWinsOverGP (