We are trying to enforce password expiration for ISC native accounts (i.e. backdoor logins not linked to any external source like AD).
We have created a password policy that includes expiration settings and attached it to the governance connector source. However, it appears that the expiration settings are not supported for the loopback connector.
Is there any workaround or recommended approach to enforce password expiration or at least mail for periodic password changes for ISC native accounts?
Password expiration policies are currently not enforced on ISC native accounts (loopback source), even if configured in the password policy. As a workaround, you can implement a scheduled search or workflow that tracks the account creation or last password change timestamp. Based on this, you can trigger reminder emails to users after a set duration (e.g. 60 or 90 days). While this doesn’t force a change, it encourages compliance. For stricter control, you’d need to manage native account lifecycle externally or restrict their use.
Hi Varshini,
I do not think this is currently support by IdentityNow. Do any user have Active Directory or any other account attached in their profile ?
Yes this is not supported in ISC. Unfortunately, the users I am trying to expire the password do not have any AD accounts and passwords not managed through AD.