[midPoint] Password Aging?

Ivan Noris ivan.noris at evolveum.com
Tue Oct 8 06:14:57 UTC 2019

if you are talking about password aging using maxAge in the security policy, this works for midPoint authentication. 
Users with passwords out of the maxAge (since the last password change) are not allowed to login to midPoint. 

Best regards, 

From: JStanczak at vinu.edu 
To: "midPoint General Discussion" <midpoint at lists.evolveum.com> 
Sent: Monday, October 7, 2019 2:08:43 PM 
Subject: [midPoint] Password Aging? 

I'm trying to age passwords that have not been changed in 180 days. I can set a "valid to" and the expire works fine. But password aging doesn't seem to change it. I'm not sure where I went wrong. 


<attribute id="4"> 
<script xmlns:xsi=" [ http://www.w3.org/2001/XMLSchema-instance | http://www.w3.org/2001/XMLSchema-instance ] " xsi:type="c:ScriptExpressionEvaluatorType"> 
import com.evolveum.midpoint.xml.ns._public.common.common_3.ActivationStatusType; 
return effectiveStatus == ActivationStatusType.DISABLED; 


midPoint mailing list 
midPoint at lists.evolveum.com 

Ivan Noris 
Senior Identity Engineer 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.evolveum.com/pipermail/midpoint/attachments/20191008/a20633fc/attachment.html>

More information about the midPoint mailing list