Customer needs to change password for the service account in the Active Directory (LDAP) and set it up in the AA configuration.
In order to access Active Directory, you must set the parameters in the file AA-ExternalIdentityProvider.xml.
You must set the location of the Active Directory server and define the credentials of a user who has permission to logon to Active Directory and navigate through the users and user properties. This user cannot have permissions to write to Active Directory. As a result of this limitation, the change password feature is not supported in this connector since it requires to write permission to Active Directory.
The steps to change it manually are:
Change the password for the service account in LDAP
Set the LDAP-password-BASE64 parameter. For example, UEBzc3cwcmQ. The password of the user is translated into BASE64. In the example above, the original password is actually P@ssw0rd.
Put the encoded password in the AA-ExternalIdentityProvider.xml, in the section where the Service account is setup.
Source: AAOP documentation, Operations guide Section 14: Using an External Identity Store