Reset password in Novell GroupWise from OIM

Similar Messages

• Using a customised Reset Password workflow and notification in OIM

  Hi all,
  I am using Oracle11.1.1.5 OIM. I am trying to figure out how to create my own customised "Reset Password" process and replace (but not overwrite) the out-of-the-box "Reset password" process in OIM. Does anyone know how to do this? I have checked the documentation, but not sure that writing new java-coded event handlers is the way to go.
  regards,
  Evangelo

  >
  With regards to creating a new (customised) "Reset Password" notification template via the OIM Administration console, how is it possible to change the OOTB(Out-Of-The-Box) "Reset Password" process so that it uses the new (customised) "Reset Password" notification template instead of the OOTB "Reset Password" notification template?
  You can modify existing ResetPassword notification by adding new attributes to the body of the notification. Follow this link http://fusionsecurity.blogspot.in/2011/07/oim-11g-notifications.html to write your custom resolver class and using this class substitute the values of notification attributes with actual values obtained from resolver class. Register this resolver class as plugin to OIM.
  Export the OOTB ResetPassword.xml from metadata/iam-features-request/notification and change the resolver class name to your custom resolver and import it back to MDS.
  Also, the "From:" email attribute does not appear in the OOTB "Reset Password" notification template....where is this set (it is currently set to [email protected])?
  With the OOTB Reset Password Trigger event, NotificationEvent.setSender value is set to XELSYSADM. So the from address will be the email address of xelsysadm.

• How to reset password for  XELSYSADM user in OIM?

  Hello Gurus and Experts!
  How to change password for XELSYSADM user in OIM?
  Your help is appreciated.
  Edited by: mc2 on Aug 25, 2011 4:27 PM

  Follow the undermentioned steps to change the password:
  1) Change the password from oim Design Client as usual.
  2) Open xlconfig.xml present in <XL_HOME>\xellerate\config folder.
  3) This step is optional and should only be used if you have a <XLPassword encrypted> tag in the <Scheduler> section. In the scheduler section, change the encrypted="true" to encrypted="false" and replace existing encrypted password with new clear text password, as shown below:
  <Scheduler>
  <XLUserName>xelsysadm</XLUserName>
  <XLPassword encrypted="false">NEW_PASSWORD</XLPassword>
  </Scheduler>
  4) Restart server.
  Now login with the new password.

• Resetting password in Novell's Edirectory

  Hello there,
  I am writing a java program to reset the password in e-directory. I am
  using Novell's java library and reusing some code from here:
  http://tinyurl.com/8q9lypr
  Can I send password reset request to e directory without SSL channel ?
  OR does edirectory only accepts the password reset request on SSL
  channel like active directory ?
  Thanks for your help !
  prashantaphale
  prashantaphale's Profile: https://forums.netiq.com/member.php?userid=2813
  View this thread: https://forums.netiq.com/showthread.php?t=45010

  -----BEGIN PGP SIGNED MESSAGE-----
  Hash: SHA1
  You can change passwords without securing the channel, though in 99.999%
  of cases it's not very smart to do in production. You probably mean
  just for testing or verification of the application, though.
  Good luck.
  -----BEGIN PGP SIGNATURE-----
  Version: GnuPG v2.0.19 (GNU/Linux)
  Comment: Using GnuPG with Mozilla - http://www.enigmail.net/
  iQIcBAEBAgAGBQJQhZUxAAoJEF+XTK08PnB5T68P/RRn3Y9kar7u75TAa+wHDlod
  NG0l5/WvdKztgip4Stg1p3ow0ae4MFd+5AyzGbSO2cNLUxzPBTzRY4Xj mIdriEEo
  SIcg4obIQpJdoj+abrIK2ufPwFoU1JZDHFCu2P9KqSd63NrQ61 g0jgSun9uYej2D
  zQuAvPtAiU4bVvemasB0dPGc+hQUSAUXh6ET9lzB5KudLcsGfe xwapDrcOZZ9QtI
  QQJSNbyLuJkUXotva/wAzO8oMrrX4cmg8TeRW5+RzvOl0QfCWuLub8C79uskZQMO
  Rb9F8ehjpZ9pi6uAs5Mg4R8HT9sr7t+inCqT1lpgBnqi2QGjh8 SnUR0VoC+4DLTL
  O90dY/oUb2+s/WrUDLxtqeCzsGNytxxVig64R7ASPvhglofky111N6PrDILs7BR i
  1XhCAYGvMvxc7voDwGpsgAczf2VR1qLBPGc9mTG/lzOFm3FchoqiTJ4mb3vjqfY7
  eKkEHB/PoAnfVRx+6Esk6Qt5/1/WdcJeRmQNqln3LT9peZZdl9HL2j3hfnU0gVdh
  a9GHfwJcairZseCuLti8D8EO/V8FfI+i9a5Xxx3EuDhFgCJJA/5mFniogvpoorEv
  HLVk6uwJkjiwxTNkPL+1Yt109BPMxHQo1SKbI3WfSm/Qp9EjeSG5/qgcXvoIBTu2
  Z+oM56LUyq43e+GcOB4x
  =O4Ow
  -----END PGP SIGNATURE-----

• Want a solution for a scenario-To Set Password expiration in OID from OIM

  Hi,
  I have one scenario. Please guide me in some details to achieve this.
  I have one password policy in OIM. When user's password expires in OIM, then his password should also expire in OID. We have OID as user's repository.
  For this I have one solution but dont know how to implement this in OIM.
  "OID has the LDAP attribute called “pwdMaxAge” map this attribute to the OIM resource object and reset this value to number of days (as per password policy) whenever you change the password in OIM. This will set the password expiration time in the OID without having the password policy in place. "
  Plesae suggest.
  Thanks in advance.

  Well here is what you can do:
  - For OIM the user's password will be governed with the Xellerate User password policy, which says that password must be changed every 28 days. So you are good in handling this in OIM.
  Now for OID side, you have two options - *1. User changes OID password directly* and *2. User changes OID password through update in OIM profile password*. Most probably tou would want the second case. If true then here is what you can do.
  - As user changes the OIM password. Create automatic trigger Change User Password which updates the password in the process form of OID.
  - This invokes the Password Updated task.
  - On SUCCESS of this task, call another task which goes to OID target and updates the attribute pwdMaxAge to Current date + 28
  Thanks
  Sunny

• Reset Password In Form Based Authentication "OIM - OAM Integration" SSO

  Hi All
  I want to give Password Reset Option in the Form Based Authentication page for OIM-OAM SSO Application, could you please help me in that??
  my SSO is working with OIM 9.1.0.2BP06 with OAM 10.1.4.2.0, and i have created Simple Form in html, for the Authnetication, Now i want Password Reset Button on Form, and will have to reset through LDAP
  TA

  Provide the OIM links for registration and forgot password.
  If your OAM has a user store(LDAP) where OIM is provisioning, your changes will be reflected in OAM
  Hope this helps,
  Sagar

• How to implement approval on password reset from OIM 9.1

  I am having an requirement where i need to implement Manager Approval on user's every password reset from OIM 9.1.02.
  Please help me out with your suggestions.
  Thanks,
  Kanav

  The thread was help full rajiv but i am still having some issue in the approch to follow:
  As per the thread we cannot use the Entity Adapter because:
  If you are thinking of using Entity Adapter on User form then it is not possible because whenever you change any value on User form, that will be updated in USR table without any Approval.
  So, if we go with the below appoach:
  *Event Handler Way:*
  Create Event Handler.
  You'll get OLD and NEW Values of that field.
  Capture those values and raise request for thsi Dummy RO with your code
  And use Error Handler to show Custom Message to Administrator that "Request Has Been Initiated for User Profile Modification".
  but i am having below doubts:
  1. If we are not having the Entiry Adapter then where we will do the mapping of fields that have been taken n the adapter?
  2. And how can i get the old value of the filed?

• Prevent user from resetting password more than once in a day

  Hi,
  1) my requirement is that, i want to prevent a user from resetting his password more than once in a day in OIM 11g.
  i guess that has to be implemented using a pre-process event handler on reset password page.
  is that achieveable? i dont have much idea on which places i can attach a pre-process event handler to.
  2) I want to restrict a user from using sequential passwords. eg: abhi1, abhi2, abhi3
  This is not present OOTB. just want to know. can we do it via custom code.? but this will expose that password (security breach- which i dont want)
  is there any way i can achieve this via configurations in OIM or some event handler.?
  Thanks in advance.

  1.yes, update "Minimum Password Age" to 1 for the password policy.
  2. you can't achieve this by configuration. But, yes write an event handler and put your validation there. probably this is required on manual create or update so use pre-insert and pre-update eventhandler for validation.
  --nayan                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           

• Can't log in with valid password, can't boot from disk, can't access disk utility, in single user mode can't reset password as appears locked in caps mode with '?' for forward slash, can anyone help?

  Can't log in with valid password, can't boot from disk, can't access disk utility, in single user mode can't reset password as appears locked in caps mode with '?' for forward slash, can anyone help?

  Which keyboard layout you were using? German, French ... I suppose your layout is reset to the default: US and you are unable to find the "?" or "/" ...
  Please have a look into the keyboard viewer, to see how the layout of your keyboard is actually.
  marek

• How to reset password if you can't boot from DVD?

  I just bought a second external disk drive and installed Leopard on it. When it asked me if I wanted to import my information from my internal drive, I said OK, not realizing that since I had a blank password on this drive (running 10.2.8), that would not work with Leopard. One of the reasons why I bought the second disk drive is that my internal superdrive failed, and I had added on an external Lacie superdrive which does not function as a boot drive, and I wanted to run the new OS on another drive so if one drive failed, the other would work as a boot drive. However I can't boot from the DVD to reset the password on my external drive to an actual password. I disconnected the external drive and am working on my internal drive with 10.2.8. (So something I planned for worked)
  I suppose one solution would be to erase the new external drive and start the whole install process all over again, making sure to add a password on this drive first. But that took about five hours and I'd really rather not. Is there some way to reset the password remotely using the OS from my internal drive to look at the external drive? Or is the non-boot from an external USB superdrive a problem unique to 10.2.8 but if I set the external drive to be the boot drive, the Leopard DVD would boot the external drive?
  Thanks.

  Thanks. Thankfully, when I thought about it, I realized that the computer had booted from the external superdrive to install Leopard, so I figured I'd give it a shot by selecting the install disk as the startup disk and restarting, crossing my fingers and hoping. It worked, so I was able to simply reset the password using the reset password function. Perhaps the issue with the external superdrive is that if it's not already mounted with a system disk before you restart, it won't do it after it starts up in event of failure.
  And if that hadn't worked, I would have booted from my internal drive, used disk utility to wipe out the external drive, put a password on the 10.2.8 account, and done the whole install process again and migrated the account now with a password to the drive.

• I have an imac 2009 the disk drive is damaged and I have lost the passwords I need to reset passwords I tried booting with a macosx disk from an external hard drive but did not read the drive how else can I reset password ?

  I have an imac 2009 the disk drive is damaged and I have lost the passwords I need to reset passwords I tried booting with a macosx disk from an external hard drive but did not read the drive how else can I reset password ?
  I have a 2012 mac book pro can I use that to connect with firewire and load osx that way? and how woudl I do that?
  Thanks so much!

  To what password are you referring? Do you mean your user account's admin password? Or do you mean the master password for File Vault or do you mean a Firmware Password?
  For an admin password:
  Forgot Your Account Password
  For Snow Leopard and earlier
       Mac OS X 10.6- If you forget your administrator password
  For Lion/Mountain Lion
      Boot to the Recovery HD:
  Restart the computer and after the chime press and hold down the COMMAND and R keys until the menu screen appears. Alternatively, restart the computer and after the chime press and hold down the OPTION key until the boot manager screen appears. Select the Recovery HD and click on the downward pointing arrow button.
       When the menubar appears select Terminal from the Utilities menu.
       Enter resetpassword at the prompt and press RETURN. Follow
       instructions in the dialog window that will appear.
       Or see Reset a Mac OS X 10.7 Lion Password and
       OS X Lion- Apple ID can be used to reset your user account password.
  If you cannot do the above then try this:
    1. Boot to Safe Mode by restarting and after the chime press and hold down the COMMAND-S keys until a black screen with white type appears.
    2. At the prompt, type the following commands pressing return after each command line:
       /sbin/fsck -yf
       If you do not receive a "Filesystem OK" message then repeat this command until
       you do.  If after seven tries you still do not receive a "Filesystem OK" message,
       then the system is corrupted and needs to be reinstalled.
       mount -uw /
       cd /private/var/db/netinfo
       mv local.nidb local.old
       rm ../.AppleSetupDone
       shutdown -r now
  The second-to-last command above will cause OS X to think that the operating system is newly installed, and when the new owner starts up the computer it will send him/her to the startup wizard where he/she can start a new user without reinstalling.
  This last method does not actually change a password. It simply removes the user accounts and lets you create an initial admin account as if the computer were new out of the box.
  How to reset the OS X password without a startup CD:
  Reboot into Single-user Mode. Enter the following and press RETURN after each command line
     1. Type fsck -fy
     2. Type mount -uw /
     3. Type passwd <username>
  I have never tried this method myself.

• Oim11g: Accessing oim password stored in CSF from pre-populate class

  Can I access the oim password stored in CSF from the request template pre-populate class?
  I am using hte following code from my class but its not working:
  ====================================
  String oimUserName = "";
  String oimPassword = "";
  //get system administrator's credentials
  oracle.security.jps.JpsContext ctx = oracle.security.jps.JpsContextFactory.getContextFactory().getContext();
  final oracle.security.jps.service.credstore.CredentialStore cs = (oracle.security.jps.service.credstore.CredentialStore)ctx.getServiceInstance(oracle.security.jps.service.credstore.CredentialStore.class);
  oracle.security.jps.service.credstore.CredentialMap cmap = cs.getCredentialMap("oracle.oim.sysadminMap");
  oracle.security.jps.service.credstore.Credential cred = cmap.getCredential("sysadmin");
  if (cred instanceof oracle.security.jps.service.credstore.PasswordCredential) {
  oracle.security.jps.service.credstore.PasswordCredential pcred = (oracle.security.jps.service.credstore.PasswordCredential)cred;
  char[] p = pcred.getPassword();
  oimUserName = pcred.getName();
  oimPassword = new String(p);
  ====================================

  Try using the following code:
  String oimUserName = "xelsysadm";
  oracle.iam.passwordmgmt.internal.api.PasswordManager passwordManager = new oracle.iam.passwordmgmt.domain.PasswordManager();
  String oimPassword = passwordManager.getUserPasswordFromDB(oimUserName, true);

• Reconciliation of "change password on next logon" from AD fails in OIM 11g

  Hello,
  We have a use case on our OIM 11g project where we create a user in Active Directory and check *"User must change password at next logon"* box in AD.
  We have setup AD as Trusted and Target resource (using connector 9.1.1.7), where users coming from AD will be created in OIM and password changes in OIM will be sent to AD. Also we use the password synchronization module (9.1.1.5) to synchronize the passwords from AD to OIM when they are changed in AD.
  What we noticed is the "User must change password at next logon" is synchronized to the "AD Resource", but unlike the regular attributes it is not accessible normally because it's a system attribute.
  What we expect is the user logging in to OIM will be prompted to change the password, but nothing happens when the newly reconciled user logs in (i.e. normal self-service page is shown). Same thing applies when we set the flag on an existing user also.
  Did anyone get this working properly?
  P.S. In a previous version it used to be the opposite where the user was constantly prompted for the password, even though it was changed in AD already, after changing the password using Alt+Crtl+Delete the user was still prompted to change when logging in to OIM. Oracle suggested we upgrade to 11.1.1.5.1 (most recent patch set) but now the reverse happens - we never get change password prompt now.
  Thanks,
  -JP
  Edited by: JacekP on Oct 17, 2011 8:10 AM

  Yeah, you're right, unfortunately we have dual authorative password model, where a user can change the password from OIM when he is accessing a OIM through a web interface or from his Windows machine through the domain controller. We need the use case to work fully both ways ideally.
  A plan-B solution is to use a directory synchronization mechanism outside of OIM that would connect OID and AD, but we would prefer not to.

• How to make a reset password function work in OIM?

  There is a requirement for resetting password for users in OIM.
  An OIM admin should be able to reset a password for a specific user, and the new password which should NOT be known by the admin will be sent to the user via email. And the user will be required to change his password when he logins with the new password.
  I know there is a 'Change Password' button in User Detail page. But the problem is the admin has to type a password for the user, which means the new password is exposed. Ideally, the new password is generated by system. Has anyone had any experience in dealing with this kind of case? Thanks!

  See if this can solve or answer your requirements.
  When User's account is locked, It is assumed that he has forgotten his password.
  Write a scheduled task which looks for all the locked users.
  Generate temporary password for them.
  Send that password in a mail to those users.
  This may not be exactly how you want it to be. But this will require lesses efforts as compared to customizing "Change Password" button on admin console.
  To make it the way you want, Following approach can be useful.
  Admin console of OIM is made using struts framework. So If you know struts, Reading into struts-config.xml file will tell you the action class which is executed on click of "Change Password".
  Modify that action class and make it the way you want that to be.
  -Kiran Thakkar

• My MBP didn't recognise my password, started it in safe mode, I can see my files, but I don't know what to do next, as the image of reset password isn't selectable. I just moved from PC. Need help please...

  My MBP didn't recognise my password, started it in safe mode, I can see my files, but I don't know what to do next, as the image of reset password isn't selectable. I just moved from PC. Need help please...

  Safe mode is not what you want in this case. Reboot to recovery mode - hold down cmd-R as the Mac reboots. Go past the language-selection screen, click the Utilities menu, then Terminal. Type:
  resetpassword
  Followed by the return key, and follow the prompts. Reboot normally when done.
  Matt