Today I upgraded our PA-500 from 6.1.4 to 7.0.0.
After the reboot, when I log in with the GlobalProtect client, I receive the following message in red in the warnings/errors section:
"Password expires in 0 days."
We authenticate our VPN users to an AD domain using LDAP. The AD accounts are set to "password never expires".
I looked at the LDAP authentication profile, and the password expiry warning field requires a value of 1-255, and defaults to 7 days, even if I leave the field blank. Is there any way to turn this check off? My users' passwords don't have expire dates, and I'd rather they not receive this erroneous error message. It does not prevent them from logging in, and the VPN otherwise works normally.