Active Directory expiry date synchronization sets ExpiryDate to 0

book

Article ID: 128040

calendar_today

Updated On:

Products

CA Identity Manager CA Identity Governance CA Identity Portal

Issue/Introduction

The active Directory expiry date is set through the account template. When setting it, the endpoint value is always set to '0' when synchronization is taking place.
 

Why is the Active Directory expiry date set to '0' when synchronizing account with account template?

Environment

Identity Manager 14.x

Resolution

The expiry date in the Active Directory endpoint is a capability attribute.
This means you cannot assign a different attribute to it. For example, you cannot set a custom attribute with a date and then assign that custom attribute to the expiry date.
When synchronizing, the date will be empty and thus set to zero ('0').
You can instead set the expiry date using a PX policy.
 

Additional Information

N/A