Environment
NetIQ Advanced Authentication 4.8
Situation
We need to know where and how to set the number of days before NetIQ will generate a random password.
Resolution
To understand how often password generation occurs, let’s consider an example:
These are default domain policy settings: Maximum password age = 42 days, Interactive logon: Prompt user to change password before expiration = 14 days.
So user’s password will be changed after 42-14 = 28 days (for GINA) after last changing (it’s a time when notification message about expiring password begins to appear in case when you don’t using the random passwords), and after 42 days (for CP).
Additional Information
Formerly known as 0026.