Forum Discussion
Have you found an answer to this? I have a related need-
I have an apm policy where we are 'on-boarding' new users as well as handling existing users. new users have expired passwords. existing users we don't care and don't want them to authenticate. (the authenticate is simply to get their AD password changed for the new users).
we have the user identifier (username).
we want to have only those users that we are 'on-boarding' -- who have expired passwords to go thorugh the AD Auth where it will see the password is expired and ask them to reset it.
How can we 'pre-check' that the user is expired or not? AD Query with a branch? or LDAP Query to AD with a branch?
What would the test be to determine that this user has an expired password?
Thanks in advance...