I understand setting the SSO password policy to a large number like 9999 is the workaround.
So question...
If i am controlling password policy via a group policy within active directory and it is currently set for all users to reset their passwords every 115 days. If I set the password policy to 130 days within SSO, will it inform my AD users to reset their passwords? And if so, is it tracking this within its' own DB? Is there someway to disable this or prevent it from happening?
I'd hate for my users to get their password change notification from AD at 115 days, and then after they change their password, SSO hits them up again 15 days later - see what I mean?