02 January 2012

Tivoli Access Manager 6.1 account/password expiry notification

Ever wondered how to use password/account expiry notification in your TAM 6.1 deployment? As it is not supported out of the box, you need to either:
- enable appropriate stanzas in your pd.conf file:
enable-passwd-warn = yes
passwd-warn = passwd_warn.html
passwd-warn-failure = passwd_warn.html
account-inactivated = acct_locked.html
but this requires LDAP supporting password lifecycle options
- or use passwordexpiry.war application supplied by helpful guys from Australia.
I did this and even enhanced app's functionality, but I need some confirmation from the authors that it has been 
posted in the article.
if your not close with the LDAP underneath your TAM, go for the 2nd.

Good luck!


  1. Radek,

    I was wondering if you could elaborate more on "LDAP supporting password lifecycle options".

    We are using TAM6.1.1 and TDS6.3. Do you know if TDS6.3 supports option1 and how to configure it..

    options 1 looks easier than option 2.

    I'll appreciate your reply.

    thanks in advance

  2. Rohit, yes, in your version combination you can use expiry notification generated by TDS 6.3. read more about the attributes here:
    and here:
    hope this helps!
    thanks for leaving a comment.

  3. Tivoli Access Manager Online Training
    Tivoli Access Manager for e-business Introduction and Overview
    Business Requirements
    Tivoli Access Manager Architecture
    Tivoli Access Manager components
    Authentication Security Policy
    Protecting Resource
    Tivoli Access Manager for e-business Installation
    21st Century providing Online training and support on All Technologies. If you are seeking training and support you can reach me on 91-9000444287. Online training by real time Experts. Call us 001-309-200-3848 for online training