AD Password Expiration

On AD/LDAP Sites, you can configure EFT through a registry key setting to send an email notifying users that their password is about to expire in <n> days. Without this value, EFT (for AD/LDAP Sites) will not attempt to check password status or send notification emails. If the user's password expiration date matches any of the list of days in the registry key, a notification email will be sent to the user’s email address specified in the emailaddress field of the user's AD account. This default setting sends email notifications 30 days, 15 days, 10 days, 5 days, and 1 day before the password expires. You can edit the number of days and frequency to send notifications.

EFT executes cleanup procedures every day at 00:00:00 UTC and at Server Startup. This daily server cleanup removes/disables inactive administrators and user accounts and sends password reset and expiration notifications for every Site.

The EFT must have "Log On as a domain user" permission for email notifications to work.  

For details of advanced properties for passwords on AD/LDAP-authenticated Sites, refer to https://kb.globalscape.com/KnowledgebaseArticle10516.aspx.