11.22 Setting a Password in Active Directory Driver Resets the eDirectory Password Expiration Date to the Current Date

Whenever you set a password in Active Directory driver, the password syncs to Identity Manager, as expected. However, this also resets password expiration date in eDirectory to the current date and time. Because of this, a user with a future password expiration date in eDirectory now has an expired password.

To workaround this issue, perform the following steps:

  1. Click the upper-right corner of the Active Directory driver, then click Edit properties.

  2. Navigate to Driver Properties > Global Configuration Values.

  3. In Password synchronization policy tab, ensure that you deselect the If password does not comply, enforce Password Policy on the connected system by resetting user’s password option.

This ensures that the eDirectory password expiration date is not reset whenever you set passwords in Active Directory.