Passwords sometimes are changed outside of PAM and the account password on PAM is not in sync with the account password on the target server. Reconciliation policy will collect all such accounts where the passwords on the PAM do not match with password on the target server.
Follow the given procedure to set the Reconciliation Policy in EPM:
Navigate to the Policies tab.
Click on Reconciliation Policy on the right access bar.
Click on + Add Reconciliation Policy.
Policy Name: Provide the policy name for the reconciliation policy.
Verify Account: Verify option will enable the password verification process on the accounts.
Schedule: Select the schedule of how you prefer to verify the passwords based on this policy.
Once: Set this setting if you prefer to verify the password once on a specific time (preferably at a future date).
Daily: Recommended policy setting verifying password.
Weekly: Set this setting to schedule verification of password on a weekly basis.
Monthly: Set this setting to verify password change on a monthly basis.
Recur Every: Default value is set to 1. You can set the value of recurrences like every 1 month or every 2 weeks, according to your preference.
Schedule Time: Select 'Any' if you like to schedule changes based on system define time or a specific time of the day to initiate verification of a password.
Start On: Select start day for policy to be activated in the system. The default value is the next day.
Valid Till: Activate this setting when you want the policy to expire and stop verifying passwords.
Reconcile Account: This option will enable the password reconciliation process.
Exclude Account(s): This will exclude the mentioned accounts from the reconciliation process.
Click on Save.