Active Directory expiry date synchronization sets ExpiryDate to 0


Article ID: 128040


Updated On:


CA Identity Manager CA Identity Governance CA Identity Portal


The active Directory expiry date is set through the account template. When setting it, the endpoint value is always set to '0' when synchronization is taking place.

Why is the Active Directory expiry date set to '0' when synchronizing account with account template?


Identity Manager 14.x


The expiry date in the Active Directory endpoint is a capability attribute.
This means you cannot assign a different attribute to it. For example, you cannot set a custom attribute with a date and then assign that custom attribute to the expiry date.
When synchronizing, the date will be empty and thus set to zero ('0').
You can instead set the expiry date using a PX policy.

Additional Information