Hi All.
At present we use Password Manager along with Identity Manager. Should a user change their password throughout the day the user will eventually get their password reset prompt during the day after logging on successfully in the morning. If a user allows this to expire then they could find themselves being locked out mid way through the day when this time is reached.
to prevent this I want to be able to amend the template for ADSAccount.PWDLastSet so the time is amended to midnight.
At present it will be stored as 10/10/2016 10:40:52
So the user could log on at 09:00 successfully on the day their password is due to expire, but should they lock their PC at any point after 10:40 they will be locked out.
I want to be able to ensure that when written back to AD from Identity Manager the time is removed and input as 00:00:00 or 23:59
10/10/2016 00:00:00
Or
10/10/2016 23:59:00
This would mean that a user would be locked out overnight rather than it occurring through the day and causing them confusion.
Does anyone have a method of this to be achieved?
Kind regards, Paul.