With an Authentication scheme with the "X509 Client Cert Template", "Password Policies enabled for this Authentication Scheme" is not enabled. When this is not enabled the Advanced Password Services APS.CFG policies for account operations, such as writing to the login history table as well as writing to the smapsLastLogin are not executed.
Release : 12.8.xx
You require the functionality of APS on an Auth Scheme that uses X509 certificates. In a standard configuration, APS does not work with an X509 Auth Scheme.
To use APS with a X509 Cert Auth Scheme, set the "ignorepwcheck" flag to false using the XPS Export/Import commands.
Configure out APS.CFG to exclude Password specific operations from affecting out cert based accounts using the Conditionals supported in APS.CFG.