I am trying to catch the event when "change password on next logon" in
Users and Computers is checked and unchecked in AD. It would appear that
the userAccountControl dirxml-uACDontExpirePassword Boolean value should
be TRUE and FALSE when it is checked and unchecked.

I tried adding dirxml-uACDontExpirePassword to the filter but I do not
see anything in the trace when "change password on next logon" is
checked and unchecked. Do I need to map dirxml-uACDontExpirePassword in
the schema map as well? What should it be mapped to in eDirectory?
Mapped to itself? We use dirxml-uACAccountDisabled and it is mapped to
Login Disabled in eDirectory. That seems to work but as I said I am not
sure what to map dirxml-uACDontExpirePassword to if it needs to be

Any help or suggestions would be appreciated.

Thanks in advance


martintduffy's Profile: https://forums.netiq.com/member.php?userid=8729
View this thread: https://forums.netiq.com/showthread.php?t=54080