Password reset in idm 6.0

Hi all,
Here's what I understand. Please correct me if I am wrong..
idm 6.0 segregates the concept of locking the account and disabling it. So, if the AccountId policy is set, the user account is locked, not disabled. if he/she has "n" failed login attempts. In previous versions, the account was getting disabled in such a case, which is why locking and disabling were synonymous to me. Anyone can throw a light on this please?
Also, the question is: How can the self-service password reset be implemented if the user account is locked? Basically, the OOTB functionality shows the questionLogin.jsp but will not proceed even on correct answers, just because the account is locked. Only the admin can unlock the account. Has anyone come across this situation?
Any help is highly appreciated. Thanks!
- Adi.

This is a correct observation.
The only way to unlock an IDM user whom is locked is via:
- an admin with unlock capabilities unlocking the user
- when the lock expires as defined in the policy
A locked user is not allowed to log in not even via the correct answers and is thus never able to change its password. That is how it is supposed to work.
WilfredS

Similar Messages

  • IdM - Self password reset u2013 Internal Server Error

    Hello
    We are trying to set the self password reset on IdM 7.1 SP4.
    The User Interface and the Identity Center are installed on two different Was JAVA servers. When we try the reset password, it goes along well (authentication) but in the end, when we click on the u201CEndu201D button we get the following message :
    500 Internal Server Error
    Failed to process request. Please contact your system administrator
    And the detailed error information :
    java.lang.NullPointerException
            at com.sap.idm.wd.wf.task.PwdRecoverComp.SaveData(PwdRecoverComp.java:255)
            at com.sap.idm.wd.wf.task.PwdRecoverComp.MoveNext(PwdRecoverComp.java:293)
            at com.sap.idm.wd.wf.task.wdp.InternalPwdRecoverComp.MoveNext(InternalPwdRecoverComp.java:192)
            at com.sap.idm.wd.wf.task.PwdRecoverCompView.onActionNext(PwdRecoverCompView.java:165)
            at com.sap.idm.wd.wf.task.wdp.InternalPwdRecoverCompView.wdInvokeEventHandler(InternalPwdRecoverCompView.java:193)
            at com.sap.tc.webdynpro.progmodel.generation.DelegatingView.invokeEventHandler(DelegatingView.java:87)
            at com.sap.tc.webdynpro.progmodel.controller.Action.fire(Action.java:67)
            at com.sap.tc.webdynpro.clientserver.window.WindowPhaseModel.doHandleActionEvent(WindowPhaseModel.java:420)
            at com.sap.tc.webdynpro.clientserver.window.WindowPhaseModel.processRequest(WindowPhaseModel.java:132)
            at com.sap.tc.webdynpro.clientserver.window.WebDynproWindow.processRequest(WebDynproWindow.java:335)
            at com.sap.tc.webdynpro.clientserver.cal.AbstractClient.executeTasks(AbstractClient.java:143)
            at com.sap.tc.webdynpro.clientserver.session.ApplicationSession.doProcessing(ApplicationSession.java:332)
            at com.sap.tc.webdynpro.clientserver.session.ClientSession.doApplicationProcessingStandalone(ClientSession.java:741)
            at com.sap.tc.webdynpro.clientserver.session.ClientSession.doApplicationProcessing(ClientSession.java:694)
            at com.sap.tc.webdynpro.clientserver.session.ClientSession.doProcessing(ClientSession.java:253)
            at com.sap.tc.webdynpro.clientserver.session.RequestManager.doProcessing(RequestManager.java:149)
            at com.sap.tc.webdynpro.serverimpl.defaultimpl.DispatcherServlet.doContent(DispatcherServlet.java:62)
            at com.sap.tc.webdynpro.serverimpl.defaultimpl.DispatcherServlet.doPost(DispatcherServlet.java:53)
            at javax.servlet.http.HttpServlet.service(HttpServlet.java:760)
            at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
            at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
            at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
            at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
            at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
            at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
            at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
            at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
            at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
            at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
            at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
            at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
            at java.security.AccessController.doPrivileged(Native Method)
            at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:104)
            at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:176)
    We thought that maybe it was because of the two different servers installation since it used to work when everything was on the same server. Did anyone ever tried the self reset password with the same configuration as we have? Or do anyone know if it is necessary for the task to work to have IdM and the portal on the same server?
    Or maybe its a deploying IDMu2019s package problem?
    Regards,
    Clotilde

    Hello
    @Scott
    Make sure you have the correct sca file deployed on the portal from your service pack and make sure that the keys.ini file is correctly set up on the portal.
    About the sca, we deployed the IDMIC04_0-10007482.SCA (SP4) do we also need to deploy the IDMIC00_0.sca? (we didn't)
    About the keys.ini, we deployed the same file in each server.
    @Roy
    Have the user prepared the Authq attributes in the identity store, and you are using the correct answers?
    Yes, we only use the MX_AUTHQ_001 that we fill with the user's MX_PRIMARY_MAIL when we create it. The encryption is ok and we use the correct answer.
    What are your settings on the password reset settings in the Admin MMC?
    The settings are :
    Identification attribute  MSKEYVALUE
    No of question to show 1
    No of answers required 1
    Max no of attempts 3
    Password creation method Automatically generate
    Save the password to UME no
    Which version of the NW are you running?
    7.1 SP4
    Did you deploy the correct version of the webui?
    package SP4
    Could you try to change the loglevel of the defaulttrace on tcidmjmx-app to debug, and add the section of the log
    where it throws an error.
    I tried to do it but I didn't find where I'm supposed to configure that. Could you please help me on that or send me a link to a documentation that would explain it?
    Thanks a lot,
    Clotilde

  • Password Reset Form for Multiple ABAP and Java Systems IDM 8.0

    Hi Friends,
    i have created Password reset form in IDM 8.0 , now i am able to reset password in systems but when i am resetting password IDM will reset password in ALL Connected server where his id is present.
    now i need that user can able to select system where he want to reset password through password reset form.
    Thanks,
    Mohinder

    Hi Tero,
    I tried both query and it worked for me,
    select right(mcattrname, len(mcattrname) - 7)
    from idmv_vallink_basic
    where mskey = %usermskey% and left(mcAttrName, 7) = 'account'
    select rep_name from MC_REPOSITORY where rep_name in (select right(mcattrname, len(mcattrname) - 7) from idmv_vallink_basic with (nolock) where mskey = %usermskey% and left(mcAttrName, 7) = 'account')
    May be Mohinder did not copy paste properly.
    Password reset task with option to select repository seems to be coming from many ppl. Will you be able to create a blog with details on how to achieve this, as it is your idea in 1st place?
    Kind regards,
    Jai

  • IdM Anonymous user sessions for password resets

    I am currently working on an update to a self service password reset customization through the IdM anonymous user interface. I am having issues with SIM not closing the anonymous sessions, once a user attempts an anonymous reset. Anytime one of the idm/user/anon****.jsp pages are accessed SIM logs in as the "Reset" user, so then any user that tries to go back to update their challenge questions, gets "...view acess denied to subject Reset...", as if SIM doesn't relize they are back in their user session. Question:
    1. If I use any anon***.jsp pages for any process/workflow launches, for self service, must I handle the logoff of that anonymous session? Currently it looks like a custom logoff and redirect is working, but I was wondering if this is the preferred way to approach this?

    Yes, solved a long time ago but yes, I did find a fix for this. Turns out we had multiple issues but did work through them.
    First, make sure the LDAP user is NOT Directory Manager or Admin or ANY other ID used for multiple purposes such as a privileged user that also makes changes via other tools. I created a new user in LDAP only for IDM purposes and give it the permissions needed: uid=idmsync,..... The permissions we gave were in essence the same as Directory manager as IDM is used in our case to manage LDAP as well.
    Then add in the listening resource to exclude any changes from the uid=idmsync user.
    In the changelog stream then all changes by IDM come down as idmsync. But other changes will come through as directory manager or someone else. But by filtering idmsync changes you prevent an infinite loop. eg. IDM sets LDAP generates change to IDM sets LDAP generates change to IDM... However other user changes will be processed without the infinite looping.
    From an efficiency perspective, we also spent time refining the active sync forms. But all worked well by production turnover, which was well over a year ago.

  • Unable to see the "Password Reset" tab in Indentity Store (SAP IDM 7.1)

    I am trying to implement Password self-service as per the document "SAP NewWeaver Idenitty Management Identity Center Self-service password reset Implementation Guide" Version 7.1 Rev 2. In this guide, references are made to the Password Reset Tab in the Identity Store properties view in Identity Center. I do not see that tab in my view.
    I followed the standard inst guides during the upgrade. Its a fresh implementation and we are on IDM 7.1 SP5
    I have checked out couple of similar posts where it was resolved by installing SP3/4, does anyone have any other solution than applying the SP again ??
    What do I need to do to have that tab?
    Thanks

    Matt,
    Ours is a fresh installation
    According to the PSS 7.1 V2 guide, i completed the section 1 where i creted the UME roles and the
    Section 1: Creating the tasks
    Creating the folder for the tasks
    Creating the password reset task
    Creating the password reset failed task
    Then started the Section 2 Configuring the identity store and the first point the document says is "Select the identity store in the console tree and choose the "Password reset" tab: " which i am unable to see the tab in my system.
    I am i missing some config steps here ?  again i am just goin line - by - line what the doc says
    Thanks
    Edited by: Chetan on May 23, 2011 4:43 PM

  • SAP IdM - Self Service password reset

    Hi All
    Has anyone configured the Self-service password reset option yet?
    I have a question that the documentation doesn't answer. We plan on using the IdM on our SAP landscape which would involve at least 9 seperate systems, meaning the Dev, QA and Prod systems for BW 3.5, CRM 2007 & ECC.
    My question is if we have a user that has access to all these systems, but only needs to reset their password in 1 of them. How does the Self-service password reset option know which system that user's id is locked in or would it be resetting the password in every one of the systems?
    Ken

    That's right. Users would have to repeat the same process if they want to change the password for say 2 systems out of the 9. Its a quick and easy way to get it up and running without much customization.
    But if you want to eliminate this repetition, the ideal way would be to customize the UI (some thig like this which comes as part of RDS)
    Cheers,
    Murali.

  • IDM 7.2 creating Password Reset task

    Hi,
    We are in the process of implementing IdM 7.2, when I create a task for Password reset the I'm getting a DB error have any one encountered this in IdM  7.1 Here is the error that I'm getting
    MXMC: Access denied Err 214727900
    Source OraOLEDB
    Description ORA 01400: Cannot insert NULL into ("MXMC_OPER"."MXP_TASKPARAMETERS".MCVALUE")
    Method: EmcTaskProperties.SaveGafParameters
    Thanks,
    Joe.P

    Ok, then it's one of two things in my experience:
    1. The encoded password for the MXMC_OPER is incorrect.  Try to login to Oracle using that account.  It should have been defined in the INCLUDE.SQL file when the database was created.  You might need to work with your DBA on this, assuming you are not one.
    2. I've only seen this happen on MSSQL, but if your classpath is set up in a certain way, these things can happen.  I've written about it [here|http://idm-thoughtplace.blogspot.com/2011/02/too-much-in-jar.html]
    Hope this helps you.
    Matt

  • [Initial Password] CUA vs IdM

    Hi,
    Please correct me if I am wrong: when the CUA cha,ges to password in the child systems, they are set as initial. It means that, on the first logon, the user has to change it.
    Is there a possibility for IdM to set "definitive" password. It seems so to me after reading
    |                     |        CUA        |  Identity Management       |
    | Password management | Initial passwords | yes incl. workflow support |
    in https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/7037d982-40aa-2a10-e283-a76a9dfc93ab, page 29
    Thanks in advance.
    Best regards,
    Guillaume

    IdM can only do what SAP permits.  Depending on how one is authenticating determines the password policy.  An initial password, an expired password and a password reset by an administrator all set the same flag.  The user must change their password on next logon.  The only way around this to write directly to the db with SAP's hash.  A terrible idea and a big security risk. 
    UME uses a delegated model so the password policy depends on what you are authenticating against.  This question is normally asked because a company wants to do password synchronization; one is better off doing SSO.

  • Password Reset Tab Missing from Identity Store properties

    I am trying to implement Password self-service as per the document "SAP NewWeaver Idenitty Management Identity Center Self-service password reset Implementation Guide" Version 7.1 Rev 2. In this guide, references are made to the Password Reset Tab in the Identity Store properties view in Identity Center. I do not see that tab in my view.
    I have upgraded my system from Identity Center 7.0 to 7.1 SP3, running on Windows Server 2003 with MS SQL Server 2005 as the database, with the design time and runtime components on the same server, and have installed the user interface on an existing NW 7.0 server running enterprise portal. I followed the standard inst guides during the upgrade.
    What do I need to do to have that tab?
    Do I need a fresh install of IdM 7.1?
    Is it possible a step was missed in the upgrade?

    Re-installed SP3 and everything works.

  • Attribute #MX_MSKEYVALUE_DN could not be found Self Service Password reset

    Hi,
    I use NetWeaver 7.02 and IDM 7.2
    I've just created the Self Service-Task Password Reset.
    If I call the page http://<host>:<port>/idm/pwdreset I get the following error message:
    Attribute #MX_MSKEYVALUE_DN could not be found
    DE: Attribut #MX_MSKEYVALUE_DN konnte nicht abgerufen werden
    The attribute MSKEYVALUE is available in my Identity Store.
    The Task for "Edit authentication questions" is available.

    Hi Chris,
    I use NetWeaver 7.00 SP14 and IDM 7.2 SPS 3 (tried IDM 7.1 before, but had same error) on Windows Server 2003 SP2 with an Oracle DB 10.2.0.1
    The IDM is working fine except the PwdReset Application. Maybe it has to do something with the Anonymous User?
    Executing SELECT * FROM MC_LANGUAGE_TRANSLATIONS WHERE LANGKEY = '#MX_MSKEYVALUE_DN'
    LANGKEY=#MX_MSKEYVALUE_DN
    LANGCODE=AR
    LANGIDSTORE=1
    LANGVALUE=?????? ??????
    LANGKEY=#MX_MSKEYVALUE_DN
    LANGCODE=BG
    LANGIDSTORE=1
    LANGVALUE=???????? ??
    LANGKEY=#MX_MSKEYVALUE_DN
    LANGCODE=CA
    LANGIDSTORE=1
    LANGVALUE=Identificador unÌvoc
    LANGKEY=#MX_MSKEYVALUE_DN
    LANGCODE=CS
    LANGIDSTORE=1
    LANGVALUE=JednoznacnÈ ID
    LANGKEY=#MX_MSKEYVALUE_DN
    LANGCODE=DA
    LANGIDSTORE=1
    LANGVALUE=Entydig ID
    LANGKEY=#MX_MSKEYVALUE_DN
    LANGCODE=DE
    LANGIDSTORE=1
    LANGVALUE=Eindeutige ID
    LANGKEY=#MX_MSKEYVALUE_DN
    LANGCODE=EL
    LANGIDSTORE=1
    LANGVALUE=???ad??? ID
    LANGKEY=#MX_MSKEYVALUE_DN
    LANGCODE=EN
    LANGIDSTORE=1
    LANGVALUE=Unique ID
    LANGKEY=#MX_MSKEYVALUE_DN
    LANGCODE=ES
    LANGIDSTORE=1
    LANGVALUE=ID unÌvoco
    LANGKEY=#MX_MSKEYVALUE_DN
    LANGCODE=FI
    LANGIDSTORE=1
    LANGVALUE=Yksiselitteinen tunnus
    LANGKEY=#MX_MSKEYVALUE_DN
    LANGCODE=FR
    LANGIDSTORE=1
    LANGVALUE=ID unique
    LANGKEY=#MX_MSKEYVALUE_DN
    LANGCODE=HE
    LANGIDSTORE=1
    LANGVALUE=????? ??????
    LANGKEY=#MX_MSKEYVALUE_DN
    LANGCODE=HR
    LANGIDSTORE=1
    LANGVALUE=Jedinstveni ID
    LANGKEY=#MX_MSKEYVALUE_DN
    LANGCODE=HU
    LANGIDSTORE=1
    LANGVALUE=EgyÈrtelmu ID
    LANGKEY=#MX_MSKEYVALUE_DN
    LANGCODE=IT
    LANGIDSTORE=1
    LANGVALUE=ID univoco
    LANGKEY=#MX_MSKEYVALUE_DN
    LANGCODE=JA
    LANGIDSTORE=1
    LANGVALUE=?? ID
    LANGKEY=#MX_MSKEYVALUE_DN
    LANGCODE=KO
    LANGIDSTORE=1
    LANGVALUE=?? ID
    LANGKEY=#MX_MSKEYVALUE_DN
    LANGCODE=MX
    LANGIDSTORE=1
    LANGVALUE=Unique ID
    LANGKEY=#MX_MSKEYVALUE_DN
    LANGCODE=NL
    LANGIDSTORE=1
    LANGVALUE=Unique ID
    LANGKEY=#MX_MSKEYVALUE_DN
    LANGCODE=NO
    LANGIDSTORE=1
    LANGVALUE=Entydig ID
    LANGKEY=#MX_MSKEYVALUE_DN
    LANGCODE=PL
    LANGIDSTORE=1
    LANGVALUE=Jednoznaczny ID
    LANGKEY=#MX_MSKEYVALUE_DN
    LANGCODE=PT
    LANGIDSTORE=1
    LANGVALUE=ID unÌvoco
    LANGKEY=#MX_MSKEYVALUE_DN
    LANGCODE=RO
    LANGIDSTORE=1
    LANGVALUE=ID univoc
    LANGKEY=#MX_MSKEYVALUE_DN
    LANGCODE=RU
    LANGIDSTORE=1
    LANGVALUE=??????????? ??.
    LANGKEY=#MX_MSKEYVALUE_DN
    LANGCODE=SH
    LANGIDSTORE=1
    LANGVALUE=Jedinstveni ID
    LANGKEY=#MX_MSKEYVALUE_DN
    LANGCODE=SK
    LANGIDSTORE=1
    LANGVALUE=JednoznacnÈ ID
    LANGKEY=#MX_MSKEYVALUE_DN
    LANGCODE=SL
    LANGIDSTORE=1
    LANGVALUE=Enoznacen ID
    LANGKEY=#MX_MSKEYVALUE_DN
    LANGCODE=SV
    LANGIDSTORE=1
    LANGVALUE=Entydig ID
    LANGKEY=#MX_MSKEYVALUE_DN
    LANGCODE=TH
    LANGIDSTORE=1
    LANGVALUE=ID ?????????
    LANGKEY=#MX_MSKEYVALUE_DN
    LANGCODE=TR
    LANGIDSTORE=1
    LANGVALUE=Benzersiz tanitici
    LANGKEY=#MX_MSKEYVALUE_DN
    LANGCODE=UK
    LANGIDSTORE=1
    LANGVALUE=?????????? ?????????????
    LANGKEY=#MX_MSKEYVALUE_DN
    LANGCODE=ZH_CN
    LANGIDSTORE=1
    LANGVALUE=????
    LANGKEY=#MX_MSKEYVALUE_DN
    LANGCODE=ZH_HK
    LANGIDSTORE=1
    LANGVALUE=?? ID
    LANGKEY=#MX_MSKEYVALUE_DN
    LANGCODE=ZH_TW
    LANGIDSTORE=1
    LANGVALUE=?? ID
    Kind Regards,
    Tobias

  • Password reset on all target systems + how to  find mskeyvalue from store?

    Hi All
    As per the below link for password reset
    http://www.sdn.sap.com/irj/scn/index?rid=/library/uuid/00d69428-cc00-2c10-9ca5-b4f607bbbddf&overridelayout=true   , I am able to reset the password of the user id in ume of  IDM  AS java server. However this document does not explain how the password reset functionality will change the password  on all connected target system. For example, When I reset the password from IDM interface, the password of  all my user ids in other target systems like ERP, Portal, Exchange, AD etc should change. But these information is not available on this document.   Please advice how we can can configure these steps.
    Also how we can  find the mskeyvalue of a user in identity store exactly? . If we need to run the sql query, can you please give the exact SQL query you need to use ?
    Thank you.

    Hi Sahad,
    just for your question about the sql statement:
    select attrname, aValue from mxiv_sentries where attrname = 'MSKEYVALUE' and aValue like '%<Search string>%' and IS_ID = <number of your IS_ID>.
    This statement should display only one User if you have changed the placeholders.
    I'm not sure, whether this helps or not. If not, please give me some more details.
    Kind regards,
    Achim Heinekamp

  • Partially disabled on password reset

    version: IDM 7.1, DSEE 6.3
    I have user account in IDM with a resource account on LDAP.
    The account looks fine.
    But when i change the password via a custom anonymous task the password gets reset on IDM, but the account is tagged as partially disabled. Also when you check the user xml it shows the ldap account as disabled=true.
    We use the nsaccountlock feature actually to disable / enable .
    Also have the com.waveset.adapter.util.ActivationByAttributeEnableFalse set for activation method in the resource configuration.
    the custom password task has a action like the following to include the changes to the resources.
    <Activity id='2' name='Reset Password'>
            <Action id='0' application='com.waveset.session.WorkflowServices'>
              <Argument name='op' value='checkoutView'/>
              <Argument name='type' value='Password'/>
              <Argument name='authorized' value='true'/>
              <Argument name='subject' value='$(accountId)'/>
              <Argument name='id'>
                <ref>accountId</ref>
              </Argument>
              <Return from='view' to='user'/>
              <Return from='WF_ACTION_ERROR' to='error'/>
            </Action>
            <Action id='1'>
              <expression>
                <block trace='true'>
                  <set name='user.resourceAccounts.password'>
                    <ref>userPassword</ref>
                  </set>
                  <set name='user.resourceAccounts.confirmPassword'>
                    <ref>userPassword</ref>
                  </set>
                  <set name='user.resourceAccounts.selectAll'>
                    <s>true</s>
                  </set>
                </block>
              </expression>
            </Action>
            <Action id='2' application='com.waveset.session.WorkflowServices'>
              <Argument name='op' value='checkinView'/>
              <Argument name='accountId' value='$(accountId)'/>
              <Argument name='view' value='$(user)'/>
              <Argument name='authorized' value='true'/>
              <Argument name='subject' value='$(accountId)'/>
              <Return from='WF_ACTION_ERROR' to='error'/>
            </Action>
            <Transition to='Update – Other Attributes'/>
          </Activity>Any help / input is appreciated.

    In your existing code, change the subject to 'configurator' or any admin that you have .. i can see you are using accountId as a subject .. also try
    using target resources concept of IDM.
    Still i have a sample code for changing the resource password directly by giving the resource name .. I hope you get an answer soon for this problem
    Instead of using checkout and checkin of the view you can directly call the workflow services to change the password. All pass the name of the resource for which the password change is required.
    <Activity id='7' name='Change Resource Account Passwords'>
    <Variable name='WF_ACTION_ERROR'/>
    <Action id='0' application='com.waveset.provision.WorkflowServices'>
    <Argument name='op' value='changeResourceAccountPassword'/>
    <Argument name='resources'>
    <!----- List the name of the resources here ---- !>
    </Argument>
    </Action>
    <Action id='1'>
    <expression>
    <set name='ERROR_STATUS'>
    <cond>
    <eq>
    <ref>WF_ACTION_ERROR</ref>
    <s>true</s>
    </eq>
    <s>failure</s>
    <s>success</s>
    </cond>
    </set>
    </expression>
    </Action>
    <Transition to='ERROR'/>
    </Activity>
    Thanks,
    Stallion

  • Can you customize Password Reset Results?

    We're migrating our password management stuff into Identity Manager, and one of the nicer features we've got with our current (home-rolled) setup is that after a Help Desk worker resets someone's password, it gives them a nice page that can be printed out and handed to the person to take with them.
    The default password reset page in Identity Manager does print out the password, but I don't see what form I would use to customize that results page. (admin/resetUserPasswordResults.jsp). Does anyone know where to look?
    Thanks!
    Jonathan

    I am having problems in displaying the new password. I want to use a custom password policy to generate the new password. I call a custom reset password workflow, and pass that policy to it. It generates two diff password. one for IdM and one for LDAP. I want it to generate one password for both

  • Strange name on password reset?

    I reinstalled OS X tonight because I got a new hard drive. When I went to log in to iCloud, my password failed but I wasn't too concerned because I rotate them a fair amount and sometimes forget. I hit the password reset button and received the password reset email. Here's where things get kinda weird.
    I DON'T have a second email mapped to my iCloud account (an alternate address) BUT when I reset my password, a message arrived in my other email account asking me to reset my password. AND the name listed was not mine. The Apple ID that I use for my store purchases DOES use the email address that received the strange message and it has my iCloud Apple ID as an alternate email address. I know this is complicated, forgive me.
    I have double and triple checked that my Apple IDs do not have any other names or email addresses associated with them. All of the info is mine.
    Obviously, I have changed all of my passwords after this and will be on the lookout for weirdness.
    Is it possible that this was just an Apple server-side fluke?

    In your existing code, change the subject to 'configurator' or any admin that you have .. i can see you are using accountId as a subject .. also try
    using target resources concept of IDM.
    Still i have a sample code for changing the resource password directly by giving the resource name .. I hope you get an answer soon for this problem
    Instead of using checkout and checkin of the view you can directly call the workflow services to change the password. All pass the name of the resource for which the password change is required.
    <Activity id='7' name='Change Resource Account Passwords'>
    <Variable name='WF_ACTION_ERROR'/>
    <Action id='0' application='com.waveset.provision.WorkflowServices'>
    <Argument name='op' value='changeResourceAccountPassword'/>
    <Argument name='resources'>
    <!----- List the name of the resources here ---- !>
    </Argument>
    </Action>
    <Action id='1'>
    <expression>
    <set name='ERROR_STATUS'>
    <cond>
    <eq>
    <ref>WF_ACTION_ERROR</ref>
    <s>true</s>
    </eq>
    <s>failure</s>
    <s>success</s>
    </cond>
    </set>
    </expression>
    </Action>
    <Transition to='ERROR'/>
    </Activity>
    Thanks,
    Stallion

  • Self Serve Password Resets

    Self Serve Password Resets
    Is anyone using RequestCenter (or other newScale module) to do self-serving password resets?

    we are integrated with Sun IDM to do that, not within RC alone ....

Maybe you are looking for

  • Is it possible to do goods movement with reference to PR or STR?

    My client wish to follow following process for fulfilling the material requirement. 1. User will create Purchase Requisition or stock transport requisition. 2. Purchase dept. will check the stock and will ask stores to issue the goods if available. T

  • Source and target directory file name should be same

    Hi, How can i generate the same file name in target directory without date and Timestamp. for eg., Source File name : yeswanth.txt and target File name also : yeswanth.txt Note : here source side the file yeswanth.txt is constant and whenever it move

  • Configure send connector for exchange online protection

    Hello Forum members, I am trying to configure send and receive connectors for Exchange 2010 to route on-premises mailboxes to Exchange OnLine Protection.  The "help" info MS provides is for Ex 2013 - and the EAC GUI and config does not lend a close f

  • IPhoto 6.0 and IMovie6.0 no audio and audio effects

    IPhoto I can't hear any audio in the slide show (Music from ITunes or Demo Songs Garage Band) for exampels or when i add the Music to a slide Show. IMovie In IMovie i can't hear after the import of a film from JVC over Fire Wire the audio and then is

  • How to check Financial Consolidation SP Level

    Dear Experts, How can i check which SP version Financial Consolidation 7.5 installed on Windows server 2008, From financial consolidation desktop Help Menu > About Financial Consolidation it seems ; Version : 7.5 Build : 7.5.0.2348 Best Regards