Hello Friends!

We trying to achieve a workflow for auto password expiration for internal users.

The main goal is to set period(30 days for example) after which user account would be forced to change password during next login.

We have no option to redirect users to any portals on ISE(we use internal users for SSLVPN Auth on VPNGW)

There is even special option exist in every account Change password on next login (also in available in API)

This option works great for us(user change password when login over sslvpn), but looks like there is no way to set this option automatically instead of complete account block

Looks strange but current option is to only completely block account after timer expiration.

It is also strange because of topic name in ISE configuration called Password Lifetime, but in reality it is Account lifetime.

In Admin guides for newer versions(2.7\3.0) nothing new about it.

Maybe I was missing something?

Why so convenient and necessary feature still not available in ISE (especially if it is even available with API)?

Regards,

Artem