Administration Guide › Password Management › Password Policies › Password Policies with SiteMinder › Configure Password Expiration › Password Expires if Not Changed Settings

Password Expires if Not Changed Settings

Note: To configure password expiration settings, Identity Manager must integrate with SiteMinder. See the Implementation Guide for more information.

In the Password Expires if Not Changed fields, you can configure behavior for passwords that have expired and have not been changed by the owner. Optionally, you can specify how far in advance users are warned that their password will expire.

You can configure the following fields:

After <number> Days

Determines the number of days after a password expires that Identity Manager waits before disabling the user or forcing a password change.

Note: Identity Manager does not disable the user account until the user attempts to login after the specified number of days has elapsed.

Disable User

If this radio button is selected, when a user’s password expires, Identity Manager disables the user. Disabled users can be enabled by using:

• The Enable/Disable User task in the User Console. (The default System Manager, Organization Manager, and Security Manager roles include the Enable/Disable User task.)
• The SiteMinder administrative user interface.

  Note: For more information, see the CA SiteMinder Policy Server Administration Guide.

Force Password Change

If this radio button is selected, when a user’s password expires, Identity Manager forces a password change when the user next attempts to log in.

Issue expiration warnings for <number> days

Allows you to specify how many days in advance a user is notified that a password will expire.