locked
ADFS 2.0 False Notification of Password Expiration RRS feed

  • Question

  • Hello,

    We have an ADFS Single Sign-on and Azure AD that syncs with our on-premises Active Directory. Our users all have Office 365 as well.

    We are running in to an issue where the SSO is notifying users that their password has expired, however, that is not actually the case. When they attempt to sign in to the SSO, they receive a notification stating, "Your password has expired. Type your updated password and try again." Their password is active and not expired in AD though. They can still sign in to their domain computers, the can sign in to mail.office365.com and other online resources with those credentials, but the SSO thinks it is expired for some reason.

    Everything should be driven from AD. As a workaround, if we "reset" their password in AD to the same as their current password, then the SSO lets them in just fine. We have had a dozen or more users now that have had this happen and I am sure it is only a matter of time before the rest of our users run into the issue. Any guidance on where I can check why the SSO thinks the passwords are expiring sooner than they should?

    I have confirmed all of the Office 365 accounts are set to "never expire." Everything should be based off of our AD where I believe our expiration period is 180 days. Where else can I look?

    Tuesday, October 20, 2015 8:57 PM

Answers

  • Hi,
     
    Thanks for your question. I understand that user will get false password expiration notification while attempting sign in to ADFS Single Sign-on.
     
    We mainly focus on ADDS related question in current forum, there is not so much about ADFS/SSO aspects here. You might want to post in the dedicated forum belowfor more professional responses. That's where most ADFS experts hang out:
     
    https://social.msdn.microsoft.com/Forums/vstudio/en-US/home?forum=Geneva
     
    The reason why we recommend posting appropriately is you will get the most qualified pool of respondents, and other partners who read the forums regularly can either share their knowledge or learn from your interaction with us.
     
    Thank you for your understanding.
     

    Regards,

    Ethan Hua


    Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact tnmff@microsoft.com

    Wednesday, October 21, 2015 5:26 AM