IM Provisioning Server 12.5 SP9 (and later) sets eTSelfChange=1 as part of the modification items when a password change is self-initiated. The strategy described here implements an operation binding to perform a custom action that checks for the presence of eTSelfChange and updates the passwordExpirationTime attribute accordingly.
Before proceeding with the steps below, you would need to create and deploy your DYN endpoint type because the steps below involve editing the metadata directly.
- In Connector Xpress, right click on your DYN endpoint on the right pane -> Edit metadata.
- Drill down the Data Model tree: Classes -> eTDYNAccount -> Properties
- Click Add, and define the new property as below:
- Name: eTSelfChange, Type: Integer
- isHidden, Type: Boolean, Value: true
- beanPropertyName, Type: String, Value: !eTSelfChange!
- connectorMapTo, Type: String, Value: !eTSelfChange!
- Click OK to save the metadata on the endpoint type.
- Right click on your DYN endpoint -> Export Data Model XML. Save it into an XML file.
- Click on the main menu -> Metadata -> Merge. Select the XML file and choose the overwrite option. Click OK.
- Save your Conn XP Project. This will ensure the metadata manual change is saved.
- Define a new Operation Binding for your User Account object class:
- Type: Script
- Operation: Modify
- Timing: Instead of
- Global Script: Load the contents from doCustomModify.txt
- Function Name: doCustomModify
- Save your Conn XP project and re-deploy metadata.
The eTSelfChange attribute will now be mapped to !eTSelfChange! and this will be present for password self-change operations. It is crucial for the operation binding to be defined correctly or the default modification function will cause an error to occur when it tries to modify !eTSelfChange! that does not exist on the endpoint account.
If you encounter problems, check jcs_stdout.log and look for debug messages written by the doCustomModify function.