Novell Identity Manager - Password Synchronization
Novell Identity Manager 3.5.1
Novell Identity Manager Driver - Active Directory
Is it Possible to Sync Password Expiration Time from eDirectory to Active Directory?
No. There is no way to do it. Unlike eDirectory, a user's password expiration date is not an attribute of a user's profile in Active Directory. When a user logs in the pwdLastSet attribute (from the user on the domain) plus the maxPwdAge (from the domain) is added together. Then it is compared to the current time. If the current time is greater than the other 2 added attributes then the user is locked out of the system.
Because of this different way of handling password expirations, we cannot override the Active Directory setting.