OIM - AD Account Exp. / Password Never Expires - Known Issue - Workaround?
448048Jan 30 2007 — edited Jul 19 2007The following known issue is documented in the OIM Connector Guide for AD:
"A problem may occur when provisioning Oracle Identity Manager users to Microsoft Active Directory using Microsoft Windows 2003. You must either select Password Never Expires or specify a valid date in the Account Expiry Date field. Otherwise, the user will be created and disabled immediately."
Does anyone have any feedback regarding workarounds to this known issue? My understanding / experience is that the account is not actually disabled immediately but the account expiration is set to Dec.31, 1969, which effectively disables the account. I'm looking for a workaround other than simply setting an account expiration date at sometime in the future and of course I do not want to set the "password never expires" flag. It is understood that the account expiration flag could likely be set to date far in the future, but this may not be an acceptable solution for some customers.
Any feedback is appreciated.