This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

How to uncheck AD Account checkbox for User must change password on next logon

Harish_Yara
New Contributor III
New Contributor III

‎02/08/2023 03:09 AM

Hi Team,

When an AD account is provisioned by Saviynt by default that AD account's check box is checked for the option User must change password on next logon

Is there anyway to uncheck this checkbox by default after AD account is provisioned by Saviynt? 

In AD Connector CREATEACCOUNTJSON pwdLastSet=-1 is used.

@rushikeshvartak 

Thanks,

Harish

 

Labels:
0 Kudos
4 REPLIES 4

sk
All-Star
All-Star

‎02/08/2023 04:02 PM

Share the createAccountJSON


Regards,
Saathvik
If this reply answered your question, please Accept it As Solution to help others who may have a similar problem.
0 Kudos

rushikeshvartak
All-Star
All-Star

‎02/08/2023 09:38 PM

https://forums.saviynt.com/t5/identity-governance/pwdlastset/m-p/22861


Regards,
Rushikesh Vartak
If the response is helpful, please click Accept As Solution and kudos it.
0 Kudos

Harish_Yara
New Contributor III
New Contributor III
In response to rushikeshvartak

‎03/28/2023 12:33 AM

Hi @rushikeshvartak ,

When creating AD account for the first time User must change password on next logon option is not checked but when trigger Change Password task for that AD account from API call using changePassword API the check box is checked but we don't want to be checked after Change Password task is processed for that AD account is there anyway that we need to add/remove configs to make this work?

Thanks,

Harish

0 Kudos

timchengappa
Saviynt Employee
Saviynt Employee
In response to Harish_Yara

‎04/03/2023 03:19 PM - edited ‎04/03/2023 03:22 PM

Hi @Harish_Yara 

Have you also tried passing the "pwdLastSet=-1" or "pwdReset ":" false"}," in the RESETANDCHANGEPASSWRDJSON?

{
"RESET": {
"initials": "X",
"telephoneNumber": "XXXXXXXXXX"
},
"CHANGE": {
"in
itials ":"
X ","
telephoneNumber ":"
XXXXXXXXXX "},"
CRITICALCONTROLDATA ":{"
AT
TRIBUTES ":{"
RESET ":{"
pwdReset ":" false "},"
CHANGE ":{}},"
CONTROLINITPARAMS ":{"
id ":"
X.X.XX.X.X.XX.XX ","
criticality ":true,"
value ":null}}}

External Ref: https://learn.microsoft.com/en-us/windows/win32/adsi/user-must-change-password-at-next-logon?source=...

0 Kudos
Copyright © 2023 Khoros, LLC