We have an account creation process where new users are brought from
PeopleSoft into a SQL database, which then creates a corresponding
account in IDM via a JDBC connector, and thence to AD. The problem is
that we want the user to change their password immediately, as they
would be if the account was created locally. This is not happening.
New user accounts are getting a 90-day password expiration, I assume
because IDM is seeing it as a user-initiated password change.

What would be the best way to change this so that new users are created
with an expired PW no matter how they're created?

Any suggestions are appreciated.