One of my clients has a class of user IDs that are enabled for emergency production problems, then turned off afterward. Normally they're suspended, but if a user jumps through the right hoops the ID is enabled FOR(1) (or maybe 2) and automatically expires thereafter.
I just created one of those ACIDs, and realized I don't know how to handle that part of it. I tried ADD SUSPEND and it gave it ASUSPEND; that means the help desk won't be able to release it if necessary. FOR(0) and UNTIL(today) don't work, presumably because the expiration date must be in the future. I've tried various other possibilities but TSS slaps me down. I suppose I can set the expiration date for tomorrow—it's not like it's a huge security risk—but surely there's a way to do it? Anyone know?