<html>
  <head>
    <meta content="text/html; charset=windows-1252"
      http-equiv="Content-Type">
  </head>
  <body bgcolor="#FFFFFF" text="#000000">
    <div class="moz-cite-prefix">If I understand correctly, you
      configured password policy "ForceExpiredPasswordChange" in
      Keycloak and after that period, you are seeing that keycloak
      requires changing password from serviceAccount user? This looks
      like a bug, serviceAccount users shouldn't be subject to password
      policy. Not even sure how is that possible...<br>
      <br>
      Feel free to create JIRA for this. Ideally with describing a bit
      more details (how you configured passwordPolicy, how you use
      serviceAccount, at which stage you see an issue, stacktrace (if
      present) etc. Thanks!<br>
      Marek<br>
      <br>
      On 09/05/16 15:13, Kevin Thorpe wrote:<br>
    </div>
    <blockquote
cite="mid:CAFMa6BbK+WDHsepcPy72y6HxaR7KAsff+O4mab_76bxqvdWQiw@mail.gmail.com"
      type="cite">
      <div dir="ltr">Hi, we've just hit an issue where Keycloak was
        requiring a password change on a service account. We have
        addressed this by changing the password and also on the client
        service. We do though need to handle this before it all falls
        over as we missed a reporting run last night and breached our
        SLA with our client.
        <div><br>
        </div>
        <div>What would be best practice for this? I'm thinking best to
          enforce rollover but we need a report on which service
          passwords are going to require reset. Is there any way to do
          that?<br clear="all">
          <div>
            <div class="gmail_signature">
              <div dir="ltr">
                <div>
                  <div dir="ltr">
                    <div dir="ltr">
                      <div><br>
                      </div>
                      <div>
                        <div style="color:rgb(0,0,0);font-size:12.8px">
                          <div><font face="verdana, sans-serif"><b>Kevin
                                Thorpe</b></font></div>
                          <div style="font-family:'Times New Roman'">VP
                            Enterprise Platform</div>
                          <div style="font-family:'Times New Roman'"><img
                              moz-do-not-send="true"
                              src="http://i.imgur.com/8UeC1YO.png"
                              height="96" width="96"><br>
                          </div>
                          <div style="font-family:'Times New Roman'"><a
                              moz-do-not-send="true"
                              href="http://www.p-i.net/"
                              style="color:rgb(17,85,204);line-height:18.6311px"
                              target="_blank"><a class="moz-txt-link-abbreviated" href="http://www.p-i.net">www.p-i.net</a></a> | <a
                              moz-do-not-send="true"
                              href="https://twitter.com/@PI_150"
                              style="color:rgb(17,85,204);line-height:18.6311px"
                              target="_blank">@PI_150</a></div>
                          <br>
                          <b style="font-family:'Times New Roman'">T: <a
                              moz-do-not-send="true"
                              href="tel:%2B44%20%280%2920%203005%206750"
                              value="+442030056750"
                              style="color:rgb(17,85,204)"
                              target="_blank">+44 (0)20 3005 6750</a>  |
                            F: <a moz-do-not-send="true"
                              href="tel:%2B44%280%2920%207730%202635"
                              value="+442077302635"
                              style="color:rgb(17,85,204)"
                              target="_blank">+44(0)20 7730 2635</a>  |
                            T: <a moz-do-not-send="true"
                              href="tel:%2B44%20%280%29808%20204%200344"
                              value="+448082040344"
                              style="color:rgb(17,85,204)"
                              target="_blank">+44 (0)808 204 0344</a> </b><br>
                          <b style="font-family:'Times New Roman'"><font
                              color="#515151">150 Buckingham Palace
                              Road, London, SW1W 9TR, UK</font></b><font
                            face="Times New Roman"> </font><br>
                          <br>
                          <div style="font-family:'Times New Roman'"><a
                              moz-do-not-send="true"><img
                                moz-do-not-send="true"
src="https://clients.p-i.net/documents/11003/1116416/BSI-UKAS.logo_150.png"
                                height="40px"></a>     <a
                              moz-do-not-send="true"><img
                                moz-do-not-send="true"
src="https://clients.p-i.net/documents/11003/1116416/ISO27001.logo_150.png"
                                height="40px"></a>     <a
                              moz-do-not-send="true"><img
                                moz-do-not-send="true"
                                src="https://clients.p-i.net/documents/11003/1116416/QMS.logo_150.png"
                                height="40px"></a>     <a
                              moz-do-not-send="true"><img
                                moz-do-not-send="true"
                                src="https://clients.p-i.net/documents/11003/1116416/pci.logo_150.png"
                                height="40px"></a></div>
                        </div>
                        <div style="color:rgb(0,0,0);font-family:'Times
                          New Roman';font-size:medium"><br>
                          <b><span style="color:rgb(106,168,79)">SAVE
                              PAPER - THINK BEFORE YOU PRINT!</span></b>
                          <p><font size="1">____________________________________________________________________</font></p>
                          <p style="color:rgb(34,34,34)"><font size="1">This
                              email and any files transmitted with it
                              are confidential and intended solely for
                              the use of the individual or entity to
                              whom they are addressed. If you have
                              received this email in error please notify
                              the system manager. This message contains
                              confidential information and is intended
                              only for the individual named. If you are
                              not the named addressee you should not
                              disseminate, distribute or copy this
                              e-mail. Please notify the sender
                              immediately by e-mail if you have received
                              this e-mail by mistake and delete this
                              e-mail from your system. If you are not
                              the intended recipient you are notified
                              that disclosing, copying, distributing or
                              taking any action in reliance on the
                              contents of this information is strictly
                              prohibited.</font></p>
                        </div>
                      </div>
                    </div>
                  </div>
                </div>
              </div>
            </div>
          </div>
        </div>
      </div>
      <br>
      <fieldset class="mimeAttachmentHeader"></fieldset>
      <br>
      <pre wrap="">_______________________________________________
keycloak-user mailing list
<a class="moz-txt-link-abbreviated" href="mailto:keycloak-user@lists.jboss.org">keycloak-user@lists.jboss.org</a>
<a class="moz-txt-link-freetext" href="https://lists.jboss.org/mailman/listinfo/keycloak-user">https://lists.jboss.org/mailman/listinfo/keycloak-user</a></pre>
    </blockquote>
    <br>
  </body>
</html>