User Password Expire Service
A worker that checks if a user has not enrolled for a new certificate within a specified amount of time after the user was last edited. If the user has not enrolled within this time, the user's status is set to Generated and the user will not be able to enroll. The worker has the same basic setting as the Certificate Expiration Check Service, except for Time before notification is sent which is replaced by:
Time until user password expires: The number of Days/Hours/Minutes/Seconds that a user should be able to enroll for a certificate, i.e. the time before the user's password expires.