2jviz (2jviz) asked a question.
Some of my users are getting your password is expiring prompt but we do not have a password policy in place yet where passwords expire in AD as we are AD sourced. Before I was able to fix this issue temporarily by resetting the user's password in AD and it would go away but for some users it would still happen and happened to me twice.
I went into MMC and made some changes to the default domain policy. I set the minimum and maximum password age to 0 days for both. Looks like after doing this, there is no way to fix this issue even temporarily as the users still get that password is expiring prompt after logging in. I believe this is an issue on AD's end and not Okta's end as there is no setting that would make sense in Okta to cause this issue.
Hello @2jviz (2jviz) Thank you for reacting out to our Community!
As you are using Delegated Authentication, you might want to disable "Prompt user x days before password expires" if this is enabled, since for the moment you are not using password expiring. Also look at an affected user for this and review if there is maybe a different policy doing this or if there is anything special done for that particular user.
From our end there is no way to expire the password on AD side. Also, make sure that the affected users are indeed AD mastered and not Okta.
The Okta Community Catalysts Program is now live. Collect online badges when you participate in the Okta Help Center Questions community. Learn more here.