SecureAuth IdP Version Affected: 9.0 and below
How to configure the reset realm to use Enforce Password Change Requirements while allowing a minimum password age of 1 or greater.
When using Enforce Password Change Requirement, the SecureAuth IdP sets two passwords: a randomly generated password and the user's new password. This causes an issue with AD policies that have a minimum password age of 1 or greater.
1. Go to your Password Reset Configuration Page
2. Switch the Password Reset Mode to "Administrative Password Reset".
3. Change Must Change Password at Next Logon to "True".
4. Click Save.
5. Switch the Password Reset Mode back to "Enforce Password Change Requirements"
- Leave Must Change Password at Next Logon to "True". Once you set it to Enforce Password Change Requirements, it will be hidden but still selected.
6. Click Save.