Users who have their accounts deactivated in Active Directory are still able to access workflow “Forgot My Password”:
How can we make workflow “Forgot My Password” unavailable to deactivated users?.
In order to make workflow “Forgot My Password” unavailable to deactivated users, the "shared.storage" file located in the following folder needs to be edited for this workflow:
C:\ProgramData\One Identity\Password Manager\
Note: Before editing file "shared.storage", please ensure there is a backup of this file.
Next time the deactivated user accesses the Password Manager Self-service site the following will be shown: