Hi - We leverage temporal group membership to control the length of time a user can remain password allowed before being flipped back to smartcard required.
When we need to reset the edsva-ScheduledLink-Endtime for entries in the group, we clear that value. That should prevent removal from the group at the scheduled time. Instead - it removes the member the night I clear that value.
Is this a bug or a feature? Is there a way to reset the edsva-ScheduledLink-Endtime without triggering the removal of the account from the group?