Customizing Password Reset Mechanism in Opensso

Similar Messages

• Customizing Password Reset App - Login Page

  Hi All,
  I have a requirement to modify the SAP delivered webDynpro based Password reset App - Logon Help app in the logon page of portal.
  Can anybody tell me how to proceede on this.
  Thanks
  Supriya

  Hi,
  See this post
  Item - Password
  >
  Populating a password field with a password shouldn't be possible since you should never store a password in clear text and thus can't populate it.
  >
  Br, Jari

• Password reset for old sbcglobal account - no longer an ATT customer

  I have an account from my DSL service that I canceled some time ago. One of the sub-accounts was hacked and is suspended. I never set up alternate contacts for it, so it wants me to call a service rep to have the password reset. Since I am no longer a customer there is no path through the phone tree that I can tell to find someone to make this happen. Is it possible to have the password reset for this account?

  Sunflower75 wrote:
  I have the same problem... What number did u call? Please help.   and everyone else who posted on this thread, and including those who did NOT post to this therad, even if not an active customer, PLEASE, click on the link to the attcustomercare social media team here..  they try to catch what the can, but will always miss someone unless the send a private message, and the agreement says, automated help only after 60 days you are no longer an at^t customer, so these guys are going above and beyond to hep, even though technicaly they don't have to... but they need you to adk them first in the private message, or they won't know to help so.. here ya go:Rethink Possible
  Private Message (ATTCustomerCare for account specific help)
  Did a post have a solution that worked for you? Help other people find solutions faster by marking posts that helped you as an "Accepted Solution". Learn about accepted solutions here.

• Password Reset - Important Customer Security Alert

  Yesterday I received an email from Adobe DPSAdmin telling me that, "an attacker illegally entered our network and may have obtained access to some Adobe IDs and encrypted passwords...as a precaution, we are resetting relevant customer passwords to prevent unauthorized access to customer accounts."
  Today I received an email from Adobe Cutomer Care using the same language with a password reset link.  I went through the process of resetting the passwords of all of the Adobe IDs we use for our different published apps.
  Does resetting these passwords mean that I need to rebuild and resubmit all of our apps using the new passwords?

  This happened again over the weekend.  From the contents of the email I assume they weren't hacked again, but instead decided to reset my password again just for kicks?  I've been notified of this happening with at least two of the accounts I manage.  Is there a reason why the automatic password reset has happened twice?
  Andrew
  Important Password Reset Information
  On October 3rd, we announced that our security team discovered sophisticated attacks on our network involving illegal access to certain customer information. As part of our ongoing investigation into this incident, we have learned that your Adobe ID and password may have been accessed by the attackers.
  We are still investigating, but we currently have no indication that there has been any unauthorized activity on your account. However, as a precaution, we will reset your password at 11pm PT on Saturday, October 19th. After we reset your password, please visitwww.adobe.com/go/passwordreset to create a new password. We recommend that you also change your password on any web site where you use the same user ID or password.
  We deeply regret any inconvenience this may cause you. We value the trust of our customers and we are working aggressively to prevent these types of events from occurring in the future. If you have questions, you can learn more by visiting our Customer Alert page, which you will findhere.
  Adobe Customer Care

• I cannot get my password reset to start using iphone. Tried website and asked to send to my email address /also my user id and nothing coming. i called 800-275-2273 and guy said apple having issues no est time of fix?

  I cannot get my password reset on apple itunes to start using my iphone. Tried website to reset password and asked to send email/same as user. Never getting email. Tried with my birthdate but that is not accepting. Called apple 8002752273 and guy told me Apple has had problems with this for weeks. Nothing he could do for me - i could answer all his security questions but birthdate. He said send a letter to itunes help , he could not provide. Could be weeks before anyone gets back to me? I checked itunes an of course there was not itunes email help available.  Anyone have email for customer relations or phone# or know how to fix this?

  "Could be weeks before anyone gets back to me?"
  Where did you get that nonsense?  Your involved question sounds like a hoax.  Regardless, the phone number for Apple Customer Relations is: 800-767-2775.

• Need Help in sending Private Email when user clicks Oracle Password Reset

  How to send an email to user marked as PRIVATE and Confidential when they hit the Oracle Password Reset Link.

  user11986391 wrote:
  How to send an email to user marked as PRIVATE and Confidential when they hit the Oracle Password Reset Link.What do you mean by private and confidential?
  Reset Password Functionality FAQ [ID 399766.1]
  How to Modify The Password Reset Statement for the UMXUPWD.wft Workflow [ID 420236.1]
  How to Change the Text of Instructions in the "Reset Password" Screen? [ID 762798.1]
  How to open customized page when click on "Forgot Password" URL ? [ID 556454.1]
  https://forums.oracle.com/forums/search.jspa?threadID=&q=Password+AND+Forgot&objID=c3&dateRange=all&userID=&numResults=15&rankBy=10001
  Thanks,
  Hussein

• Password Reset Issue in Portal

  Hi All,
  Please help me to resolve this issue.
  Issue : We have resetted a password for one srm user in Portal. The User when he tried to login after the password reset initially it was asked to change the password. User changed the password. He is succesfully logged into the portal. Now the problem is when he tries to access a srm work item in worklist it is opening a new window and asking to reset the password again with the error message "No switch to HTTPS occurred, so it is not secure to send a password & This is an initial password that must be changed". It is not asking to change when he tries to login to portal and this error is promting only when he tries to open a work item. Because of this the user could not proceed to work further.
  Can any please let me know if faced with the same error.
  Thanks in advance.
  Regards,
  Viswes

  Hi Viswes,
  There are two solutions for this issue,
  1. Create a custom application which will change PWD in all the systems once you change your Portal PWD.
  2. Change the backend PWD before accessing UWL. (Login to backend system directly, it will ask for change of PWD).
  Thanks.
  Sushil

• Not Getting Password Reset mail to the default e-m...

  I have looked in my in box several times over the past two hours and do not see a mail for password reset. I also checked my Spam/Junk mail folder and do not see any mail from Skype. What is the solution. I opened another account and am not able to log in with my newly created password. This is becoming an issue and I need some solution
  Thanks

  Please Contact Customer Service.
  How can I contact Skype Customer Service?
  What is live chat support?
  Regards,
  Tamim
  Location - Dhaka | Bangladesh - Standard Time Zone: GMT/UTC + 06:00 hour
  If one of my replies has adequately addressed your issue, please click on the “Accept as Solution” button. If you found a post useful then please "Give Kudos" at the bottom of my post, so that this information can benefit others.

• How to implement approval on password reset from OIM 9.1

  I am having an requirement where i need to implement Manager Approval on user's every password reset from OIM 9.1.02.
  Please help me out with your suggestions.
  Thanks,
  Kanav

  The thread was help full rajiv but i am still having some issue in the approch to follow:
  As per the thread we cannot use the Entity Adapter because:
  If you are thinking of using Entity Adapter on User form then it is not possible because whenever you change any value on User form, that will be updated in USR table without any Approval.
  So, if we go with the below appoach:
  *Event Handler Way:*
  Create Event Handler.
  You'll get OLD and NEW Values of that field.
  Capture those values and raise request for thsi Dummy RO with your code
  And use Error Handler to show Custom Message to Administrator that "Request Has Been Initiated for User Profile Modification".
  but i am having below doubts:
  1. If we are not having the Entiry Adapter then where we will do the mapping of fields that have been taken n the adapter?
  2. And how can i get the old value of the filed?

• Use OIM 11g UI directly for password resets

  1. What is the best practice in using OIM for password resets? Two options that i have usually heard of are writing a custom app or UI and use OIM APIs for password resets. The other is use OIM UI directly.
  Are there any other options.
  2. Of the two options mentioned above, are there any concerns if we want to expose the OIM UI password reset link to internet- example, post the OIM UI link across the company's website which is available to everybody?
  Regards,
  Anand

  People,
  Any help will be really appreciated. I am looking for some suggestions in this regards. Thanks
  Anand

• Password Reset Webpart

  Good Evening TechNet Experts,
  I found a ton of out-dated material on this but was looking for something more updated, thorough, and well instructed. Need instructions/guide on setting up a Password Reset Portal for end-users on the SCSM portal
  WITHOUT Orchestrator.
  1. This will need to work with SharePoint 2010, SCSM 2012, and ADFS.
  2. Users need to be able to enter their email / username and click reset to send the password reset link / temporary password to the users email.
  3. Users need this function BEFORE logging in.... I will link to the web part right on my login page. I have seen many "Request Offering" reset pages... this doesn't make sense to me
  as the user must be able to login before resetting... defeating the purpose and rendering this useless.
  Thanks in advance, look forward to reading your thoughts on this.

  Thomas! Hello again :)
  What country do you live in? If I ever visit I promise to buy you dinner :D
  Thanks for your reply. I see what your saying, I spoke to management and we made a decision to ditch the approach of giving the customer complete control over a reset - the only easy solution is FIM and this costs too much.
  We decided to use a web-part that would require the user to login with a temporary password provided by our helpdesk analysts, then click on the password reset web-part to undergo the reset. I looked at the tool you provided but am not 100% sure how to deploy
  it - I am not yet too familiar with this stuff. I also looked at a web-part provided by ITaCS (http://changepassword.codeplex.com/) but this didn't work and ran into a bug. Currently in contact with the developer
  to see if they can get it fixed but meanwhile, how would I go about deploying the solution you posted?
  To test it anyways, I extracted the files to my IIS directory and added the site as a .Net 4.0 Integrated Pipeline App Pool. I also configured the site to connect as a domain admin user. However, when I launch I kept running to an authentication/permissions
  error.
  Description: An error occurred while accessing the resources required to serve this request. You might not have permission to view the requested resources.
  Error message 401.3: You do not have permission to view this directory or page using the credentials you supplied (access denied due to Access Control Lists). Ask the Web server's administrator to give you access to 'C:\inetpub\wwwroot\wss\VirtualDirectories\PassCore'.
  I added permissions on that folder for the domain account running the web app but still same error.
  I disabled authentication completely under system.web/authentication and still solved the permissions issue but I got this compilation error:
  Server Error in '/' Application.
  Compilation Error
  Description: An error occurred during the compilation of a resource required to service this request. Please review the following specific error details and modify your source code appropriately.
  Compiler Error Message: CS0234: The type or namespace name 'Helpers' does not exist in the namespace 'System.Web' (are you missing an assembly reference?)
  Source Error:
  Line 17: using System.Net;
  Line 18: using System.Web;
  Line 19: using System.Web.Helpers;
  Line 20: using System.Web.Security;
  Line 21: using System.Web.UI;
  Source File: c:\Windows\Microsoft.NET\Framework64\v4.0.30319\Temporary ASP.NET Files\root\a5249b39\150dcacd\App_Web_index.cshtml.a8d08dba.y7qkeipi.0.cs Line: 19
  c:\windows\system32\inetsrv> "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe" /t:library /utf8output /R:"C:\Windows\Microsoft.Net\assembly\GAC_MSIL\System.ServiceModel\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.dll" /R:"C:\Windows\Microsoft.Net\assembly\GAC_MSIL\System.ServiceModel.Activation\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Activation.dll" /R:"C:\Windows\Microsoft.Net\assembly\GAC_64\System.Web\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.dll" /R:"C:\Windows\Microsoft.Net\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.dll" /R:"C:\Windows\Microsoft.Net\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll" /R:"C:\Windows\Microsoft.Net\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll" /R:"C:\Windows\Microsoft.Net\assembly\GAC_MSIL\System.ServiceModel.Web\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Web.dll" /R:"C:\Windows\Microsoft.Net\assembly\GAC_MSIL\System.WorkflowServices\v4.0_4.0.0.0__31bf3856ad364e35\System.WorkflowServices.dll" /R:"C:\Windows\Microsoft.Net\assembly\GAC_MSIL\System.Web.Services\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll" /R:"C:\Windows\Microsoft.Net\assembly\GAC_MSIL\System.Core\v4.0_4.0.0.0__b77a5c561934e089\System.Core.dll" /R:"C:\Windows\Microsoft.Net\assembly\GAC_MSIL\System.Web.Extensions\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.Extensions.dll" /R:"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorlib.dll" /R:"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\Temporary ASP.NET Files\root\a5249b39\150dcacd\assembly\dl3\2cf2a65a\931a5703_0a51d001\Unosquare.PassCore.Web.dll" /R:"C:\Windows\Microsoft.Net\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll" /R:"C:\Windows\Microsoft.Net\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.CSharp.dll" /R:"C:\Windows\Microsoft.Net\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll" /R:"C:\Windows\Microsoft.Net\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll" /R:"C:\Windows\Microsoft.Net\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\v4.0_4.0.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll" /R:"C:\Windows\Microsoft.Net\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll" /R:"C:\Windows\Microsoft.Net\assembly\GAC_MSIL\System.Web.DynamicData\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.DynamicData.dll" /R:"C:\Windows\Microsoft.Net\assembly\GAC_MSIL\System.Xml.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Linq.dll" /R:"C:\Windows\Microsoft.Net\assembly\GAC_MSIL\System.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.dll" /R:"C:\Windows\Microsoft.Net\assembly\GAC_MSIL\System.Web.ApplicationServices\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.ApplicationServices.dll" /R:"C:\Windows\Microsoft.Net\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.dll" /R:"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\Temporary ASP.NET Files\root\a5249b39\150dcacd\App_global.asax.3xi7t_sv.dll" /R:"C:\Windows\Microsoft.Net\assembly\GAC_MSIL\System.ServiceModel.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Activities.dll" /R:"C:\Windows\Microsoft.Net\assembly\GAC_MSIL\System.Data.DataSetExtensions\v4.0_4.0.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll" /out:"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\Temporary ASP.NET Files\root\a5249b39\150dcacd\App_Web_index.cshtml.a8d08dba.y7qkeipi.dll" /D:DEBUG /debug+ /optimize- /w:4 /nowarn:1659;1699;1701;612;618 /warnaserror- "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\Temporary ASP.NET Files\root\a5249b39\150dcacd\App_Web_index.cshtml.a8d08dba.y7qkeipi.0.cs" "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\Temporary ASP.NET Files\root\a5249b39\150dcacd\App_Web_index.cshtml.a8d08dba.y7qkeipi.1.cs"
  Microsoft (R) Visual C# Compiler version 4.0.30319.33440
  for Microsoft (R) .NET Framework 4.5
  Copyright (C) Microsoft Corporation. All rights reserved.
  c:\Windows\Microsoft.NET\Framework64\v4.0.30319\Temporary ASP.NET Files\root\a5249b39\150dcacd\App_Web_index.cshtml.a8d08dba.y7qkeipi.0.cs(19,22): error CS0234: The type or namespace name 'Helpers' does not exist in the namespace 'System.Web' (are you missing an assembly reference?)
  c:\Windows\Microsoft.NET\Framework64\v4.0.30319\Temporary ASP.NET Files\root\a5249b39\150dcacd\App_Web_index.cshtml.a8d08dba.y7qkeipi.0.cs(22,22): error CS0234: The type or namespace name 'WebPages' does not exist in the namespace 'System.Web' (are you missing an assembly reference?)
  c:\Windows\Microsoft.NET\Framework64\v4.0.30319\Temporary ASP.NET Files\root\a5249b39\150dcacd\App_Web_index.cshtml.a8d08dba.y7qkeipi.0.cs(23,22): error CS0234: The type or namespace name 'Mvc' does not exist in the namespace 'System.Web' (are you missing an assembly reference?)
  c:\Windows\Microsoft.NET\Framework64\v4.0.30319\Temporary ASP.NET Files\root\a5249b39\150dcacd\App_Web_index.cshtml.a8d08dba.y7qkeipi.0.cs(24,22): error CS0234: The type or namespace name 'Mvc' does not exist in the namespace 'System.Web' (are you missing an assembly reference?)
  c:\Windows\Microsoft.NET\Framework64\v4.0.30319\Temporary ASP.NET Files\root\a5249b39\150dcacd\App_Web_index.cshtml.a8d08dba.y7qkeipi.0.cs(25,22): error CS0234: The type or namespace name 'Mvc' does not exist in the namespace 'System.Web' (are you missing an assembly reference?)
  c:\Windows\Microsoft.NET\Framework64\v4.0.30319\Temporary ASP.NET Files\root\a5249b39\150dcacd\App_Web_index.cshtml.a8d08dba.y7qkeipi.0.cs(29,61): error CS0234: The type or namespace name 'Mvc' does not exist in the namespace 'System.Web' (are you missing an assembly reference?)
  Finally, I switched to connect as an Application user (pass-through authentication) but now the site just keeps loading forever and nothing happens. I checked event log for issues but it seems I'm not generating any errors after this final configuration
  attempt... Not sure where to go from here.
  Thanks a million for your help Thomas!

• Enable Email password reset option

  Please enable
  Email password reset option  for my domain iiet.org.in,kmpce.org and
  igcas.org through windows admin center.One of our user is not able to access mail for many days.Please do asap.

  Hi,
  Based on your limited inputs, you can login to DC using built-in administrator account and open ADUC and reset the password of your custom domain admin account.
  If you have no other administrator account, there is no Microsoft recommended way to reset the passwords for domain user accounts. 
  Checkout the below thread for similar discussion,
  http://social.technet.microsoft.com/Forums/en-US/05b059a2-51a0-47cf-b4b0-e6d6f25285ee/domain-admin-password-reset?forum=winserverDS
  Regards,
  Gopi
  JiJi
  Technologies

• USER PASSWORD RESET OPTION

  Hi,
  We have published our server through ITS. Once users logged on they access through Webui. I would like to provide users the option for themselves to change their own password.Please suggest how to achieve this
  Regards
  D.Mukundan

  Hi,
  You can provide the custom screen for changing the password.
  Standard FM's are available to change the password.
  ME_USER_CHANGE_PASSWORD
  But, I think you should go with the standard password change mechanism which is the normal login screen where user logs into web ui.
  Regards,
  Naresh

• IdM Anonymous user sessions for password resets

  I am currently working on an update to a self service password reset customization through the IdM anonymous user interface. I am having issues with SIM not closing the anonymous sessions, once a user attempts an anonymous reset. Anytime one of the idm/user/anon****.jsp pages are accessed SIM logs in as the "Reset" user, so then any user that tries to go back to update their challenge questions, gets "...view acess denied to subject Reset...", as if SIM doesn't relize they are back in their user session. Question:
  1. If I use any anon***.jsp pages for any process/workflow launches, for self service, must I handle the logoff of that anonymous session? Currently it looks like a custom logoff and redirect is working, but I was wondering if this is the preferred way to approach this?

  Yes, solved a long time ago but yes, I did find a fix for this. Turns out we had multiple issues but did work through them.
  First, make sure the LDAP user is NOT Directory Manager or Admin or ANY other ID used for multiple purposes such as a privileged user that also makes changes via other tools. I created a new user in LDAP only for IDM purposes and give it the permissions needed: uid=idmsync,..... The permissions we gave were in essence the same as Directory manager as IDM is used in our case to manage LDAP as well.
  Then add in the listening resource to exclude any changes from the uid=idmsync user.
  In the changelog stream then all changes by IDM come down as idmsync. But other changes will come through as directory manager or someone else. But by filtering idmsync changes you prevent an infinite loop. eg. IDM sets LDAP generates change to IDM sets LDAP generates change to IDM... However other user changes will be processed without the infinite looping.
  From an efficiency perspective, we also spent time refining the active sync forms. But all worked well by production turnover, which was well over a year ago.

• Password - why can't adminstrators access customer password

  I am a system adminstrator for two sites and I am becoming increasingly frustrated at the inability to access customer passwords.  I have a number of custoemrs who regularly forget their passwords who are not particularly computer savvy and I am not able to help them without a lot of phone/email support.  Whereas under the previous system I could communicate their password to them saving both of us a great deal of time and energy.
  I am very aware that BC changed the system to deny access to passwords for all but the customer but this for my sites is ridiculous.  I have access to all info that my customers have and I can 'change/update' any customer info on my site so why can I not access their password.
  This is extremely frustrating as the current process assumes computer literate users and that the system 'Forgotten Password' tokens work - the latter is not always the case and I have  a current support request to this effect.
  I would appreciate someone who knows the system well to explain to me the rationale behinds BC's change to password access adn what is the reality re how this enhances cuntomer security when the systems administrator has access to all that customers data.
  Richard

  Hey Richard. I think you miss understand here.
  Most secure systems - no password in the admin. You have the button in the admin to send a email for the reset request. This will also show (if you sort the site correctly) on the form they use to login.
  Both use the reset email and again, ensuring that is set up correct is something you have access to and ensure has the elements and worded as you need them to be.
  If people keep forgetting their password that to be quite frank it is their problem, why should a system become less secure because of this?
  Do good systems do this? No , should they change? heck no.
  Set up the processes to so the flow is easy to reset (which you have control over) and if they keep forgetting then they need to change them to something they wont forget.
  Are you going to contact Apple and their Itunes store and ask them for your password? They wont know and not provide it to you, they do not know as it is in encrypted.
  Like any systems you may also be aware of they say "No customer support respresentitive will ask for your pasword or provide you with your password". Etc.
  This will not change.