Password Expiration Notification Troubleshooting Tips



 

1. How do I troubleshoot my password expiration notifier if it is not working as intended?

Check with the below checklist to find out where the problem lies and follow the steps enumerated to solve the issue.

  1. OU/Group configuration
  2. User enrollment status
  3. Mail delivery status
  4. Mail server settings
  5. E-mail address verification
  6. Incorrect date/time displayed
  7. Others
  1. OU/Group configuration

    Check if password expiration notification is enabled for the OU/Group in which the user is a member of.

    • Log in to ADSelfService Plus.
    • Click Configuration → Self-Service → Password Expiration Notification → Select Domain → Add OUs /Groups
    • Check if the OU/Group under which the user is present is selected.

    Checklist

     

  2. User enrollment status

    Check if the user has enrolled and if notifications are enabled only for enrolled users.

    • Click Configuration → Self-Service → Password Expiration Notification → Advanced (on the bottom right corner of the screen).
    • Verify if “Notify Enrolled Users Only” option is checked.
    • If it is selected, users who haven’t enrolled with ADSelfService will not be notified about impending password expiration.
    • If the user has not enrolled, direct the user to enroll with ADSelfService Plus to receive password expiration notifications.

    Note: This step is not applicable if you are using the Free Password Expiry Notifier tool.

    Checklist

     

  3. Mail delivery status

    Check if the mail has been delivered to the user.

    • Click Reports → Audit reports → Generate Notification delivery report.
    • Search for the user and check if the user has been notified, and the status of the notification mail.
    • If the status of the notification mail is marked ‘Success’, direct the user to check their spam/junk mail folders.

    Checklist

     

  4. Mail server settings

    Verify your Mail Server settings.

    • Click Admin → Product Settings → Server Settings -→ Mail Settings.
    • Check your mail server settings and make sure they are correctly entered.
    • Try sending a test mail to the administrator in the options provided.
    • If the mail is successfully sent, verify that the user's mail address in Active Directory is correct.
    • If the test mail fails to deliver due to errors in SMTP settings, the corresponding error will be displayed, which will aid in troubleshooting the problem quickly.
    • If the mail format is correct but the mailbox associated with that account is invalid, the password expiration notification mail will be automatically bounced back to the sender, in this case, the administrator.

    Checklist

     

  5. E-mail address verification

    Check if the email address of the user is correctly entered in the AD. If the email address of the user fetched from the AD is correct and the problem still persists, create a receive connector and resend the mail.

    • To create a Receive connector, open “Exchange Management Console”.
    • Click Server Configuration → Hub Transport.
    • Under Receive Connector, create a “New Receive Connector”.
    • Provide a "Name" (e.g, ADSSP).
    • Enter the IP address of the ADSelfService Plus server machine in the Remote Network Setting.
    • After creating the connector, navigate to properties → Authentication, and uncheck "Transport Layer Security(TLS)" and enable "Externally Secured".
    • Click Permission Groups → Enable Exchange users and Exchange Servers.

    Checklist

     

  6. Incorrect date/time displayed

    If the users receive the notifications as intended but the %dateTime% macros are not in the desired format, check the time zone configured in the tool.

    • Click Admin → Customize → Personalize → Choose the correct time zone.

    Checklist

     

  7. Others

    Check if the user's details are displayed in the Soon-To-Expire Password Users Report.

    • Navigate to Reports and generate the Soon-To-Expire Password Users Report.
    • If the report is empty, it is due to the Domain Controller being unreachable at the present moment or any other native exceptions. Check your domain settings to make sure that the ID provided for authentication has the permission to read user objects, PSOs and domain policy.

Checklist

 

 



2. How do I test the scheduler configured?



3. How do I preview the content of the scheduler without having to wait for it to run?

Note: Some macros like %dateTime% will not perform as intended.



4. How do I send the notification mail in HTML format?

 


Go to Top
Copyright © 2019, ZOHO Corp. All Rights Reserved.
ManageEngine