Hi
SAP note 1603600 points out som possible solution to the challenge. However setting the security policy on the UME layer similar to the LDAP still would give some problems: E.g. users with exired LDAP password might change it there one day and the day after when accessing the portal, then he would be prompted for a new password again.
The best solution would be to create a custom jaas login module that would check if the "expired password" attribute is set in the LDAP datasource. If set, then the login module should also set the UME flag called "'passwordchangerequired" in the UME to force a password change for the portal user. If LDAP "expired password" is not active, then the login module should ensure that UME "passwordchangerequired" is also unchecked.
Anyone, who has experience developing such an custom jaas login module?
Br
Tom Bo