Adaxes

User account expires is "unspecified"

0 votes

Hi,

I set up a scheduled task to disabled expired accounts. The date is set to AD by our HR software - always set to %date% 12:00 AM.

My condition is set to: image.png

I noticed more than expected accounts got disabled, cause Adaxes shows their account expires attribute as "unspecified". AD attribute editor shows as normal "never".

Also I can set this "unspecific" value to accounts ... why?

Looking into account expire property with Powershell I can see "never" has value "9223372036854775807" "unspecified" has value "0" image.png

How can I look for those accounts? I didn't found any filter option.

Thanks.

by (1.5k points)

1 Answer

0 votes
by (289k points)

Hello,

The behavior is by design in AD. It allows you to have accounts that never expire, that expire on a specific date and that do not have the property specified. In fact, user that have the Account Expires set to 9223372036854775807 or 0 will both never expire. If you want to have a condition that will only be met for users that have the Account Expires set to 0 (unspecified), use the following approach: image.png

Related questions

0 votes
1 answer
Remove User Groups from User with account expires after one month with a scheduled task

Hello! how do i manage do get adaxes to remove all groups from the user after one month? We have a Business Rule where you can add an end of Date when the Account ... value field the powershell script works but not with the +1 Month. Thanks for your help!

asked Jun 14, 2023 by eww ag (140 points)
0 votes
1 answer
Password Last Set is showing as unspecified

I am experiencing that I can no longer use computed results such as password expiration date, days left, and so on. Is there any known cause of this? I have ... When sending an email through Scheduled Task, the parameter sends null data in the email.

asked 1 day ago by Daniel (160 points)
0 votes
1 answer
Business Rule to set Account Expires to 5 pm

Hello, I'd like the change the behavior of the account expires field from end of the day meaning 12am the next day to a specific time on the date specified. Example 5pm on ... got the idea from here: https://mikefrobbins.com/2013/12/12/set ... owershell/

asked Jul 31, 2019 by polley (1.2k points)
0 votes
1 answer
What is the best way of establishing the last logon when a user account has both a AD and AzureAD user account?

I am unsure how to deal with this because of how Adaxes treats one identity account as two different objects, an AD and AzureAD user account, and both has different last logon values. What is a good way to combine the data?

asked Apr 22 by Daniel (160 points)
0 votes
1 answer
Is there a way to update the account expiry after a user logs into a computer?

Hello, I'm trying to create a business rule that will update a user account expiry date when that user logs in for the first time. I'm new to Adaxes, so I don't have a ... updated by a user's action, such as "Last Logon". Is it possible to make this work?

asked Mar 6 by sjjb2024 (60 points)
3,548 questions
3,238 answers
8,232 comments
547,813 users