LDAP_UNWILLING_TO_PERFORM when attempting to clear pwdLastSet via PX
Article ID: 202204
Updated On:
Products
CA Identity Manager
CA Identity Governance
CA Identity Portal
CA Identity Suite
Issue/Introduction
Attempting to clear the pwdLastSet attribute for a user via PX against the AD account, we are getting an error
Connector Server Modify failed: code 53 (UNWILLING_TO_PERFORM):
How can we address that and reset the attribute value?
Environment
Release : 14.x
Component : IdentityMinder(Identity Manager)
Cause
This is core AD requirement, external to any application. AD will not allow this value to be cleared - using IM or any LDAP client
Resolution
The PX should be using 0 to reset the value of this attribute.
Feedback
Yes
No
Powered by
