Different Password Policy for Different User Groups in ACS 4.2

Similar Messages

• How to set password policy for apps users

  Hi All,
  Can anyone please help me.
  I am working on apps 11i.
  How to set password policy for users
  Thanks

  Check Note: 189367.1 - Best Practices for Securing the E-Business Suite
  https://metalink.oracle.com/metalink/plsql/ml2_documents.showDocument?p_database_id=NOT&p_id=189367.1

• How to 'overrule' password policy for one user ?

  hi,
  i am system administrator on our ECC 6.0.
  we have 4 clients, test and production.
  so i have 8 users, not everyone has the same password (for some reasons).
  when i want to change the password i get the message that the passwortd cannot be on of the
  last 5 passwords.
  well, i want to set the password the same for ALL of my 8 users.
  how can i 'overrule' the message, so that i can change the password ? any ideas ?
  best regards, Martin
  Edited by: Julius Bussche on Mar 28, 2011 6:46 PM

  >
  Florian LINTNER wrote:
  > But should we really publish such illegal things like USRPWDHISTORY?
  What is illegal about table USRPWDHISTORY. It's a regular table so to think that if you don't mention it on public forum then nobody will find it is a bit naive.
  There are usually 3 reasons why you have to do some dirty trick: you want to do something wrong, there is a technical limitation in solution or there is something serious wrong with the solution. In my experience the first option is the most common and this case looks to me like the first option. It's not clear from your message what is the purpose of those users but as it was mentioned you can change their type or maybe you can use a different authentication method for them (certificates or SSO) to avoid password issues.
  Cheers

• How can I set OIM password policy for OID Users.

  Hi,
  For me the target resourec is OID. When I create users in OIM, they get provisioned to OID. Their password also gets stored in OID.
  Now, I have a password policy in OIM. In that policy, the password exipration day is set to 28 days. After 28 days, the user's password will expire in OIM. Is there any way that password will also expire in OID too, so that user will not be able to login in OID?
  Thanks in advance.

  You need to do the following.
  1. Find the attribute in OID that determines the disable date.
  2. Add a field to your provisioning process definition form.
  3. Using a pre-populate adapter, use an input of your oim user account expiration date, and convert that to the format OID uses.
  4. Update your lookup for provisioning attributes to include this new field to map the field name to the OID attribute.
  5. Create an "Updated" task for this field so that when it gets changed, the new value is pushed to OID.
  6. Create a user form trigger value for the field that maps to the oim user account expiration field. For this trigger, add a task to your oid provisioning process that does the same tasks as your pre-populate adapter to determine the new date value and pass it to the field on the process form.
  Now when the OIM expiration date changes, this value will be passed to OID, and also when the account is first created.
  Does this work for you?
  -Kevin

• Help needed - setting password policies for different types of accounts

  Hello,
  We have a situation where we have different types of users created on a solaris server. We have regular users, admins, functional accounts and device accounts. Of course solaris does not differentiate between regular user and other types, i think. The default password policy applies to all the users on the server. I want to configure different policy for different types of user accounts. Is it possible? The difference between the accounts on our side is
  Regular user accounts - 8 digit numbers ( 00667265) - expire password every 90 days
  Functional accounts - 8 digits starting with F ( F0253466) - do not expire, but password length must be 10-12 and complex
  Device Accounts - 8 digits starting with Z ( Z2367249) - do not expire, but password length must be 12 and complex - like upper case, lower case, number, special chars etc.
  Is it possible to set up different password policies, is so how?

  The password expiration policy is pretty easy, it can be set on a per account basis when the account is created. I'm not aware of a simple way to define a complexity policy for groups of accounts but the policy is enforced using pam, so you should be able to write a pam module which would enforce your complexity policy. The pam manual page would be a reasonable starting point for learning about pam.

• Hi I have two questions. I am using NAS 4.1 and was wondering is it possible to set a different session timeout for different users? How is the session timeout set? Thanks, YS

   

  <i>I am using NAS 4.1 and was wondering is it possible to set a different session timeout for different users?</i>
  Um, there is no such thing as NAS4.1.
  I'm assuming that you mean NAS4.0 (maybe NAS4.0sp1?). If so, then the session timeouts are specified in the session section of the NTV configuration files.
  AFAIK, you can specify session timeouts on a per user basis.

• Applying different password policies to different groups (contexts)

  How do you assign different password policies to different groups (or contexts) in the OID?

  According to chapter 18 in the Oracle Internet Directory Administrator's Guide Release 9.0.2 Part Number A95192-01, it doesn't look like you can apply password policies on the group level. At any rate, they only seem to talk about password policies being assigned at the subscriber level.

• Restricting  Access for SQ01 User Group

  Hi ,
  Please let me how to Restrict  Access for a   User Group  to only some of  the specific users?
  Thank you
  Edited by: Vibhor Arora on Apr 12, 2010 7:29 AM

  Hi,
  Can you please clarify what exactly you want to know, your request can be interpreted in a few different ways.
  If you are concerned that people have access to all user groups, then you need to remove access to S_QUERY activity 02 and I think activity 23.  They will lose access to all user groups that they are not assigned to via SQ03.

• How can I deploy password policy to a specific group?

  Dear All,
  I would like to deploy password policy to specific OU for testing purpose.  As I know password policy only can setup in
  Default Domain Policy or new created policy and save at the root of domain.  Is there any method for me to test the password policy for specific OU?  Thanks.
  Frankie

  Hi,
  As Vivian said, Fine grained password policy cannot be applied directly to an OU.
  Instead you can create a global security group in the OU and apply the fine grained password policy.
  For example, if you need to apply a password policy for "Sales" OU, you can create a global security named "Sales Users" and assign the Fine grained password policy to this group. Then you can add the users to be tested in the "Sales"
   OU as members of this group.
  Checkout the below link on the deployment scenario of Fine grained password policy,
  http://blogs.technet.com/b/askpfeplat/archive/2013/10/07/fine-grain-password-policy-for-active-directory-2008-domain-does-not-apply.aspx
  FYI -  To activate the fine grained password policies, you need to raise your domain functional level to Windows Server 2008 or higher.
  Regards,
  Gopi
  www.jijitechnologies.com

• How to implement password policy for a software in oracle (sql) forms & reports 6i ?

  Hi all , I have to implement password policy for an already existing software which was created 2 to 3 years before.
  What exactly i want to do is I must alert the user every month to change his/her password. I have no idea about it.
  Can anyone help me how to start with it? Or can you provide me the links where i can learn & implement in the software?
  Oracle Forms & Reports Builder 6i.
  Oracle9i Enterprise Edition Release 9.2.0.1.0 - Production.
  Thank You.

  You can try this:
  Establishing Security Policies
  Using database policy, you can force user to change password with Oracle forms 6i.
  Regards

• So how to specify different answer file for different install images in WDS snap-in?

  hello
  in WDS snap-in, in properties on server name, on client tab, we can define an answer file for unattended windows installation on WDS clients.
  my question is, maybe we have added multiple images in WDS snap-in (win xp image, win 7 , win 2008,...)
  now this one answer file applies to all of them ?
  so how to specify different answer file for different install images in WDS snap-in?
  thanks in advanced 

  Under the "Client" tab of WDS, you should only use an answer-file with settings relevant for the installation. This would be credentials for the WDS deployment share, international settings used during the setup and possibly also destination drive
  details (if you want the installation to take care of partitioning the disk etc). The settings relevant for unattend-files used under "Client" would only be of those in phase 1 (WinPE).
  However, if you would like to have specific unattend file for every installation, e.g. Win7, Server 2008, Win 8 etc, you can browse to the image under "Install Images" under the image Groups. There you can select properties for every image and
  have a personal unattend-file.
  hi Joel
  very cool. thanks a lot, that really helped me.
  best regards

• Different mail ID for different workflows

  Hi All,
  As per my knowledge if we use mail task in work flow a e-mail will be triggered from mail ID maintained for user wf_batch , is there any way to send mail through different mail iD for different workflows by using mail tasks only, not by using a separate task and using some function modules in that to send mails.
  Thanks
  Vinod

  Hi,
  I have done this once. It is not the best I admit as many things must be considered, yet it worked.
  In the binding of an activity step, prior to the mail send step, I have included the calling to a custom FM.
  In this FM I have dinamically changed the mail address of WF-BATCH (the address was set in an ad-hoc paramenter.
  Then right after the mail send step, again in the following binding, I have run the very same FM, with different paramenters of course, to put the address back to where it was.
  Corrado

• Different zoom levels for different clips in the same project?

  Hi
  I am making a movie with videos from two different cameras. As a result some of the clips are cut down in size to a small portion of the screen. This can be solved if it is possible to use different zoom levels for different clips in the same project. I have not been able to do this. Is it possible?
  kind regards
  Soren

  You can scale the small clips up to the same size of the larger one... but you will get a quality loss.
  Using Motion or Scale to Frame Size commands
  Better to scale the large ones down to a Sequence that matches the smaller clip dimensions.

• Different Cost Centers for Different Line Items in a single Reservation

  Hello Gurus,
  When we create a Material Reservation, we give the cost center at the header level and that cost center is accounted for each of the line items in the reservation. But when the reservation has many line items which depend on different cost centers,  there is a need to enter different cost centers for different line items in the same Material Reservation. How can this be done? Please suggest.

  Hi,
  It's a standard restriction in SAP functionality  where one reservation document can only accommodate one cost center.
  You can not maintain multiple cost centres for individual line items.
  You have to create seperate Reservations for each cost centre.
  check below thread:
  ONE RESERVATION FOR DIFF COST CENTERS
  Umakanth R
  Edited by: Umakanth R on Dec 8, 2011 7:53 AM

• JTree: How to set different cell editor for different tree Nodes.

  I have a JTree and I want to set different cell editors for different node depending on some condition. E.g. I want to set ComboBox as editor for leaf node but each leaf node will have its own set of data.
  Any help or pointer?
  Thanks in advance
  Sachin

  take there:
  http://www.mutualinstrument.com/Easy/FAQ/Tree/tree.html