AD password expired
I've configured a portal to give my end users the possibility to change the AD password. Now I'd like to add a feature and check if the password has expired and send them on another flow. Is there a way to accomplish this with an APM Query? I was thinking to work on pwdLastSet attribute but I need to convert it and then compare it with the configured policy. Is there a way to do it in a simpler manner?
thank you for your answer. I solved my problem putting an AD query block between the logon page and the authentication block, and intercepting if the last error contians the words "Password is expired". If any matches occur I will send the client to another flow where he does only AD authentication that force itself to change the password.