Hi,
In 8.1.3 (without Password Manager) we need to perfom a selective password expiration process. This means, we need to select batches of users to expire their passwords. This selection could be based on departments.
Base:
- Our password policies are based on Person's CentralPassword. This password is propagated to all user's accounts.
- We have one Password Policy that affects all employees.
- Authentication is based on Active Directory.
- All users have an Active Directory account.
Our best , safest, approach has been:
- Create a newer password policy with a password max valid days of 1 day, for urgent expiration.
- Apply that password policy to Department->Department on which expire the user's password, password column: CentralPassword.
We've tested this configuration but it seems to have no effect at all. We've created a new department, applied our "urgent expiration" password policy to it and moved in one user with a valid password. But that doesn't seem to have triggered anything at all and the user , whose password was changed more than a day ago, is still able to use the current credentials.
Needless to say this is our "first encounter" with password policies.
Would anyone be so kind to share some recommendations or hints?
Thanks in advance!