PAM Expired password job

Document ID : KB000112172
Last Modified Date : 27/08/2018
Show Technical Document Details

How the Update Expired Password job works?
If I create a target account today at 9 A.M. and expires the day after, When should the password be updated? Next day at 9 A.M.?
Or the job executes once a day at certain time?

TargetAccountExpiredPasswordProcessorTask  runs every 12 hrs. The first cycle occurs when the appliance (i.e. tomcat)  is started and thereafter every 12 hrs. 

Assuming that the first cycle has started at 5 PM UTC, then the next cycle will be around 5 AM UTC next day and then again 5 PM UTC etc. If you have created an account at 7 AM UTC and the password expiration is set to 1 day, then the password rotation will happen at 5 PM UTC next day. This is because the cycle runs at fixed times (i.e. 5 AM UTC & 5 PM UTC)  and so when the current day 5 PM cycle is run the password has not expired because only 10 hours have elapsed. When next day 5 AM cycle is run the password is not expired because only 22 hours have elapsed.  So when  5 PM cycle is run , password has expired as 34 hours have elapsed and so the password will be updated.
Additional Information:
This TargetAccountExpiredPasswordProcessorTask  job can't be manually configured by the user.