000023302 - Windows account expiry

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 22, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000023302
Applies ToAuthentication Manager 7.0
Authentication Manager 7.1
IssueUsing the Windows account expiry field
Account Expires
PASSCODE accepted
A user account which has expired in Active Directory which is an RSA Authentication Manager identity source can still authenticate and get PASSCODE accepted.

It is possible to configure Active Directory accounts to expire at the end of specific date.  This is administered in Active Directory in the Account properties tab for the user (Microsoft documentation should be used to know if this is local or UCT time).  In Authentication Manager 7.0 a user whose account had expired in Active Directory was still able to authenticate with a PASSCODE and gain network access via the RSA ACE/Agent.

This was caused by a logic issue in the RSA Authentication Manager and is expected to be corrected before the release of RSA Authentication Manager 7.1 however if it is not built into the released product then a subsequent patch will be made available.


The problem has been resolved for RSA Authentication Manager 7.0 and administrators should install Patch_362437_7.0.4-362437 (obtainable from RSA Customer Support).

This issue will not affect RSA Authentication Manager 7.1 as the problem resolved before general release of this version.

Also:  during the creation of the Identity Source in the RSA Administrative Console the User Account Enabled State should be set to Directory.

For more information see the documentation on the DVD or online in RSA SecurCare Online:


RSA Authentication Manager 7.0 Release Notes



RSA Authentication Manager 7.0 Administrator's Guide



RSA Authentication Manager 7.0 Getting Started



RSA Authentication Manager 7.0 for Installation Guide



RSA Authentication Manager 7.0 Planning Guide



RSA Authentication Manager 7.1 Release Notes



RSA Authentication Manager 7.1 Getting Started  



RSA Authentication Manager 7.1 ISO Mounting Instructions  



RSA Authentication Manager 7.1 Administrator?s Guide



RSA Authentication Manager 7.1 Installation Guide  



RSA Authentication Manager 7.1 Migration Guide



RSA Authentication Manager 7.1 Planning Guide



RSA Authentication Manager 7.1 RADIUS Reference Guide



Legacy Article IDa38184