Removes password histories that have a date and time that are earlier than the specified date and time. To use this method, you must be logged on as a member of the MIISAdmins security group.

string ClearPasswordHistory( [in] String EndingBefore


In Language Name Data Type Description





The date and time string, in Coordinated Universal Time (UTC), of the most recent password history that will be deleted from the server. Password histories that are later than this specified date and time are preserved.

If you want to delete the password histories based on a local date and time, convert the local time to UTC.

The format of this parameter is yyyy-MM-dd HH:mm:ss.fff.

Format specifier Description


Specifies the four-digit year.


Specifies the two-digit month in the range of 1 to 12.


Specifies the two-digit day of the month in the range of 1 to 31.


Specifies the two-digit hour of the day in 24-hour format in the range of 0 to 23.


Specifies the two-digit minute of the day in the range of 0 to 59.


Specifies the two-digit second of the day in the range of 0 to 59.


Specifies the three-digit fractions of a second in the range of 0 to 999.

To delete password histories by date only, omit the time units in the parameter.

Name : ClearPasswordHistory

Return Value


A string that contains the final status of the method. The return value can be one of the values that are listed in WMI Provider Return Strings, or one of the following values.

Name Description


The password change histories that have end times that are earlier than the specified time were successfully deleted from the server.


The user who is running this method is not a member of the Forefront Identity Manager Synchronization Service (FIM Synchronization Service) security groups. Verify that the user is a member of one of these groups.


The specified date is in the wrong format, or password change histories do not exist for this date. Verify that the specified date is in the correct format.


FIM Synchronization Service uses the password change history log to determine whether the number of password changes that are requested in a 24-hour period exceeds the number that is specified in the management agent properties. When you successfully run this method, the history log is cleared and a new 24-hour period is started for the maximum number of password changes.

To clear the password change history log, run the ClearPasswordQueue Method before you run this method. If you run the ClearPasswordQueue Method after you run this method, any pending password change logs are then moved to the history log.

It is a best practice to periodically archive and clear the password target history. A large number of target history objects can detract from the performance of the ClearPasswordHistory Method.



Forefront Identity Manager Synchronization Service 2010



See Also