[Freeipa-users] Password policy for admin account not working

[sipazzo]

Good morning, I created a "service" password policy that prevents password expiration and gave it a priority of 0. I then created a "service" user group and applied the policy to the group. I added my admin user to this group so their password would not expire. However, it continues to expire anyway. I have other (not built-in) accounts that use this policy successfully so it seems like the priority is not working correctly. I am unable to change the priority on the global_policy. Is my only option to add another policy with the same config as the global policy but a lower priority and assign that to all my users?