Ensure that the Ensim CronJob service is enabled
and running on one of the PE servers so that Unify can send email
messages to the users whose passwords are about to expire.
After you enable
the password expiration feature for an organization, all existing
users of the organization, whose passwords have expired according to the
Maximum password age property in the password policy on the AD server
will not be able to log in to the Unify control panel. To resolve this,
you can increase the value of Maximum password
age property to its maximum value and notify all these users to change
their passwords. You can then set the value of
Maximum password age property back to the desired value.
If a user fails
to change its password before it expires, then the user will be unable
to log in to its control panel and the error message "Your
password has expired. Contact your service provider for assistance."
will be displayed. In such a case, the organization administrator should
use only the Unify control panel to reset that
user's password. Resetting the user's password directly in the Active
Directory causes inconsistencies with the Unify databases.
While editing an
organization to enable or disable the password expiration feature, if
the organization has a large number of users,
the Unify control panel may display database timeout
errors.
If you have restricted the default organization administrators
from changing their control panel passwords and then you enable
the password expiration feature for any organization, the default organization
administrator will not be able to change its own password in case its
password expires. To resolve this, you can increase
the value of Maximum password age property to its maximum value, then
change the default organization administrator's password.
Some Unify services
such as the Hosted Exchange 2003 service allow the organization administrator
to create a user using the dashboard view. Currently
this view does not have an option to enable the password expiration feature
for the user. Therefore, by default, these users will inherit
the password expiration setting from the organization. However, the organization
administrator can still change this setting for such a user by editing
that user’s properties.