Product Documentation

Configure the password expiry notification period

Aug 26, 2014

If you enable Receiver for Web site users to change their passwords at any time, local users whose passwords are about to expire are shown a warning when they log on. By default, the notification period for a user is determined by the applicable Windows policy setting. To set a custom notification period for all users, you edit the configuration file for the authentication service.

Important: In multiple server deployments, use only one server at a time to make changes to the configuration of the server group. Ensure that the Citrix StoreFront management console is not running on any of the other servers in the deployment. Once complete, propagate your configuration changes to the server group so that the other servers in the deployment are updated.
  1. Use a text editor to open the web.config file for the authentication service, which is typically located in the C:\inetpub\wwwroot\Citrix\Authentication\ directory.
  2. Locate the following element in the file.
    <explicitBL ... allowUserPasswordChange="Always" 
      showPasswordExpiryWarning="Windows" passwordExpiryWarningPeriod="10" ... >
  3. Ensure that the allowUserPasswordChange attribute is set to Always to enable password expiry notifications. Change the value of the showPasswordExpiryWarning attribute to Custom to apply a specific password expiry notification period to all users. Use the passwordExpiryWarningPeriod attribute to set the password expiry notification period in days. Receiver for Web site users connecting from the local network whose passwords are due to expire within the specified time period are shown a warning when they log on.