Users changing passwords within LDAP authentication

Hello all,
I've noticed that if a user uses the 'Membership' authentication to access the portal, they are allowed to change their passwords within the 'user channel' edit section.
If a user logs in throught the LDAP authentication, this password utility disapears.
1 - Is there a way to use this password utility when using LADP authentication? Is it just a setting somewhere??
2 - What are you using to change password if you are using LDAp authentication? i.e. did you create your own password tool??
Thanks in advance,
Jason

Here's how I did it on 6.0:
I created a bookmark with these properties:
Bookmark Name: Change Personal Settings
URL: /amconsole
When the user clicks on the bookmark, they have to scroll all the way down to the bottom of the window to find the change password option. After changing the password, the user should close the amconsole window WITHOUT clicking on the logout button. Just kill the window.
If they click "logout" it will log them out of the Portal Server while leaving the desktop window open. It will look like they are still logged in but they are not. They will have to re-login.

Similar Messages

  • Obiee 11g How to let user change password

    obiee 11g How to let user change password ?
    i not mean use weblogic console。 normal user how to change password。

    With 11g, OBIEE essentially uses the 10g notion of external authentication.
    By default, this is done by the WLS (Weblogic) LDAP identity store, but it may be done by another supported Authenticator either within WLS, or in the OBIS meta data (i.e. Custom Authenticator or LDAP). As such, OBIEE no longer has any control over user passwords; this is why the steps referenced in note 1102353.1 do not apply to OBIEE 11g, but only to internal/repository-defined users in OBIEE 10g.
    So, as with password maintenance in OBIEE 10g when an external authenticator is used, it is within that external authentication system that password is changed, not within OBIEE 11g. There is no option in OBIEE 11g to allow users to change passwords.
    There are two work-arounds with which you can change your password:
    1) From the Weblogic administration console/WLST.
    You need to give such user access into Weblogic console or access to browse through involved MBean hierarchy and other modify permissions. Changing the password using WLST instance is covered here:
    Ideally, the console and WLST approaches are used by Administration accounts to manage other users. But the console and WLST can be made to allow other users to change passwords (which will be more or less like carrying out an administrative task by users themselves)
    2) Using a programmatic approach.
    Here the application that intends to provide password change functionality to its users should implement this functionality on its own (GUI plus call to the relevant Weblogic API). Weblogic provides an MBean that the application can use to accomplish this. See here for more information.
    An enhancement request exists for this functionality. This is unpublished bug 11836170 - enable non admin users to change passwords in obiee 11g.

  • How to enable users change password in obiee 11g?

    Is there anyone know how to enable users change password in obiee 11g?
    And I have tried the method in obiee 10g, bu it didn't work.
    Any help would be appreciate.

    As per I understand your requirement,
    In your Dashboard create a Presentation variable which receives the value of year you select.
    Now in your analysis, select the year column along with all the measures you want (Actual, plan, Forecast, and what-if, etc).
    Create a filter on Year column and convert it into SQL. Put the condition as:
    "Year" BETWEEN @{Presentaion_Variable} - 1 AND @{Presentation_Variable}
    You will get the result for selected year and the previous year.
    Hope it helps..
    Regards,
    A.K.

  • How to change password of LDAP admin :cn=Directory Manager ?

    How to change password of LDAP admin :cn=Directory Manager ?
    Thanks!

    Try this, on the console log in as "cn=Directory Manager", open the Directory Server console and select the "Configuration" tab. You should see a "Settings" tab inside "Configuration" There you can find the fields for Directory Manager's new password.
    Regards.

  • How to change SSO user's password: Get LDAP URL

    Hi,
    I would like to add a 'change user SSO password' form to my BC4J application. The form's submit button fires an action that calls a PL/SQL package. This package receives 7 parameters, and uses de dbms_ldap package to change the user's password.
    Parameters:
    - LDAP Host
    - LDAP Port
    - User DN
    - SSO Username
    - Old Password
    - New Password
    - Retyped New Password (for confirmation)
    I'm trying with a DataForwardAction event whose purpose is to get the user's account information and the LDAP location, but I can't get the LDAP Location (ClassCastException) and the SSOUsername (NullPointerException).
    I'm using JDeveloper 10.1.2.0.0 (Build 1811)
    My question is: ¿What am I doing wrong? ¿Is there any easier way to do this?
    The code is below:
    import javax.servlet.http.HttpServletRequest;
    import oracle.adf.controller.struts.actions.DataActionContext;
    import oracle.adf.controller.struts.actions.DataForwardAction;
    import oracle.security.jazn.JAZNConfig;
    import oracle.security.jazn.spi.ldap.LDAPJAZNProvider;
    public class ChgPwdAction extends DataForwardAction
      public void onChange(DataActionContext ctx) throws Exception
        HttpServletRequest request = ctx.getHttpServletRequest();
        String host                = null;
        String port                = null;
        String userDN              = null;
        String SSOUsername         = null;
        String oldPwd              = null;
        String newPwd              = null;
        String confirmNewPwd       = null;
        try
          LDAPJAZNProvider ldapProvider = (LDAPJAZNProvider)JAZNConfig.getJAZNConfig().getJAZNProvider();
          host = ldapProvider.getJAZNConfig().getLocationURL().getHost();
          port = "" + ldapProvider.getJAZNConfig().getLocationURL().getPort();
        catch (ClassCastException e)
          //System.out.println(e);
          throw new Exception("Missing LDAP location");
        try
          userDN = request.getHeader("Osso-User-Dn");
        catch (NullPointerException e)
          //System.out.println(e);
          throw new Exception("Missing User DN.");
        SSOUsername   = request.getRemoteUser();
        oldPwd        = (String)request.getParameter("oldPwd");
        newPwd        = (String)request.getParameter("newPwd");
        confirmNewPwd = (String)request.getParameter("confirmNewPwd");
        request.setAttribute("Host", host);
        request.setAttribute("Port", port);
        request.setAttribute("UserDN", userDN);
        request.setAttribute("SSOUsername", SSOUsername);
        request.setAttribute("OldPwd", (String)ctx.getHttpServletRequest().getParameter("oldPwd"));
        request.setAttribute("NewPwd", (String)ctx.getHttpServletRequest().getParameter("newPwd"));
        request.setAttribute("ConfirmNewPwd", (String)ctx.getHttpServletRequest().getParameter("confirmNewPwd"));
        //System.out.println (userDN + "-" + SSOUsername);
      // To override a method of the lifecycle, go to
      // the main menu "Tools/Override Methods...".
    }Thanks in advance.

    Hi again,
    First of all, thanks for your reply.
    Yes, I know I can use JNDI instead of a call to a PL/SQL package (I visited this link: http://forum.java.sun.com/thread.jspa?threadID=592611&start=0 that explains how to do it), but in both cases I have the same problem: I don't know if it's possible to get the LDAP's environment specifications (PROVIDER_URL, SECURITY_PROTOCOL) dynamically.
    Our production environment's LDAP is not the same as our development environment's LDAP. This is why I want to get this information dynamically.
    I think that this information is stored in the jazn.xml file: Is there any way to get this information?
    Thanks a lot.

  • UME change password in LDAP when this has expired

    Hello,
    I've configured SAP EP 2004 SP18, ume datasource is LDAP Active Directory, with SSL, and as administrator I can reset the password.
    The problem appears when password is expired and the flag "user must change password" is marked in Active Directory and in the portal dosen't appear the form to the user to change the password.
    If you read in ADS attribute "pwdLastSet" when is "0" means that the user must change password, I'm trying to map this attribute to ume attribute "passwordchangerequired", but it's not working, also are different formats.
    The result is that in the portal login is not appearing the form to change the password when it's necesary, any ideas to map this active directory password or workaround...
    Very thanks in advance.
    Xavi.

    same problem here ........ Iv'e set the UME expire date, and this works (kind of). The problem is that if both the Active Directory AND the UME are set to expire at 30 days, when the user logs on to the network on the 30th day, he is prompted to change his network password. Then as soon as he tries to log on to the portal he is prompted again (since the portal/ume doesnt know that the password has been changed in the active directory data source).
    The user is prompted 2 times to change his password, and this is obviously confusing. And now his network password is different that what he just changed it to (since the portal / ume pw change changes the Act Dir password).
    Any suggestions?
    Thanks.

  • How to Enforce User Change Password First Time User in Release 2?

    Hi...
    We discovered in Oracle Directory Manager(in unix is oidadmin), there actualy
    column to expiry date.(the default is 60).
    We follow this notes in metalink..
    Note:176470.1 Subject: How To Pre-Expire Portal Passwords
    Even though the note is for Portal30(release1), we just wangt to try it in our Release 2...
    Extract from the note
    "3. Set the value of the column LAST_PASSWD_CHANGE_TIME in the table WWSEC_PERSON$ in SSO schema to a value older than the password expiration period (default is 90 days) before the current time (e.g. sysdate - 100) for the appropriate user(s)
    4. For example, if you have created a user called TEST
    you would issue a command such as:
    update wwsec_person$
    set LAST_PASSWD_CHANGE_TIME =sysdate-70
    where USER_NAME='TEST';
    commit; "
    But, when we try to login again in the portal, we can still login...
    So, is the function still exist in Release 2?..
    If not, why Oracle Portal throw that function away?
    Why there still columns in WWSEC_PERSON$ that maybe linked to the password problem?
    can anybody help/explain?
    Thanks....

    Rather than rehash what has already been thoroughly discussed, check this thread. This should answer your question.
    Can a user change his own password after admin has set it
    The english version of Jose Troya's blog: http://obiee101.blogspot.com/2008/08/obiee-change-password.html
    Edited by: LC143 on Aug 27, 2008 1:36 PM

  • Java.lang.NullPointerException in end user change password page

    Hi All
    I need to notify a user whenever he changes his password. when i log in to the user page and change password i get java.lang.NullPointerException.
    Any ideas???
    Help is appreciated.
    Thanks

    What exactly are you clicking on in the end user page? Your problem could be a number of things. You can get this error when the xml in a file it is referencing is not properly formed. e.g if you had not properly closed a tag in a config file.

  • User change password after first logging in Oracle 11g

    Hi
    Can you help someone in connection with this problem:
    user can not change password after first logging in Oracle 11g
    All the best
    Ragip Avdijaj

    Sounds like they are not getting logged in at all, so they are never getting to the point where they can change the password, but we need to see more detail to give a better answer (an example or copy-paste of a sqlplus session might help)

  • User Change Password

    User Password changes:
    Ex. Custom Oracle FORM Button Trigger to force DB change Password.
    -- Force an alter user statement to the database.
    -- sys.verify_password function will verify.
    Cmd_Line := 'Alter user "'||:CHANGE_PWD.USER_NAME||
    '" identified by "'||:CHANGE_PWD.VERIFY_PWD||'"';
    FORMS_DDL(cmd_line);
    IF NOT Form_Success THEN
    NOTE(DBMS_ERROR_TEXT); -- display Ora error message
    raise Form_Trigger_Failure;
    END IF;
    Ex. Customize SYS.Verify_Password function sample to return an Error MSG.
    Set for user in Profile, enforces password change syntax rules.
    -- Check for a no space
    isspace:=FALSE;
    FOR j IN 1..m LOOP
    IF substr(PASSWORD_VAR,j,1) = ' ' THEN
    isspace := TRUE;
    GOTO endsearch4;
    END IF;
    END LOOP;
    <<endsearch4>>
    IF (isspace = TRUE) THEN
    raise_application_error(-20003, 'Password cannot contain spaces');
    END IF;

    ...So what is the question???

  • Change password through LDAP fails

    I have the standalone calendar server (9.0.4) installed using an openldap server for the account data. Operations generally seem to be working OK with logon activity and ldap lookups. However when trying to change the password using the windows client the application reports "Unable to access the directory server. Application will terminate." after which it closes.
    Simutaneously, watching openldap debug logs during the event I see this:
    Oct 20 14:10:45 cs slapd[2986]: => acl_mask: access to entry "cn=Test User One,ou=People,dc=department,dc=someuniversity,dc=edu", attr "userPassword" requested
    Oct 20 14:10:45 cs slapd[2986]: => acl_mask: to all values by "", (=n)
    Oct 20 14:10:45 cs slapd[2986]: <= check a_dn_pat: ou=oraclecalendaradministrator,dc=department,dc=someuniversity,dc=edu
    Oct 20 14:10:45 cs slapd[2986]: <= check a_dn_pat: self
    Oct 20 14:10:45 cs slapd[2986]: <= check a_dn_pat: users
    Oct 20 14:10:45 cs slapd[2986]: <= check a_dn_pat: anonymous
    Oct 20 14:10:45 cs slapd[2986]: <= acl_mask: [4] applying read(=rscx) (stop)
    Oct 20 14:10:45 cs slapd[2986]: <= acl_mask: [4] mask: read(=rscx)
    Oct 20 14:10:45 cs slapd[2986]: => access_allowed: auth access granted by read(=rscx)
    Oct 20 14:10:45 cs slapd[2986]: ====> cache_return_entry_r( 8 ): returned (0)
    Oct 20 14:10:45 cs slapd[2986]: conn=65 op=4 BIND dn="cn=Test User One,ou=People,dc=department,dc=someuniversity,dc=edu" mech=SIMPLE ssf=0
    Oct 20 14:10:45 cs slapd[2986]: do_bind: v3 bind: "cn=Test User One,ou=People,dc=department,dc=someuniversity,dc=edu" to "cn=Test User One,ou=People,dc=department,dc=someuniversity,dc=edu"
    Oct 20 14:10:45 cs slapd[2986]: send_ldap_result: conn=65 op=4 p=3
    Oct 20 14:10:45 cs slapd[2986]: send_ldap_result: err=0 matched="" text=""
    Oct 20 14:10:45 cs slapd[2986]: send_ldap_response: msgid=5 tag=97 err=0
    Oct 20 14:10:45 cs slapd[2986]: conn=65 op=4 RESULT tag=97 err=0 text=
    Oct 20 14:10:45 cs slapd[2986]: daemon: select: listen=6 active_threads=0 tvp=NULL
    Oct 20 14:10:45 cs slapd[2986]: daemon: activity on 1 descriptors
    Oct 20 14:10:45 cs slapd[2986]: daemon: activity on:
    Oct 20 14:10:45 cs slapd[2986]: 28r
    Oct 20 14:10:45 cs slapd[2986]:
    Oct 20 14:10:45 cs slapd[2986]: daemon: read activity on 28
    Oct 20 14:10:45 cs slapd[2986]: connection_get(28)
    Oct 20 14:10:45 cs slapd[2986]: connection_get(28): got connid=65
    Oct 20 14:10:45 cs slapd[2986]: connection_read(28): checking for input on id=65
    Oct 20 14:10:45 cs slapd[2986]: ber_get_next on fd 28 failed errno=11 (Resource temporarily unavailable)
    Oct 20 14:10:45 cs slapd[2986]: do_bind
    Oct 20 14:10:45 cs slapd[2986]: conn=65 op=5 BIND anonymous mech=implicit ssf=0
    Oct 20 14:10:45 cs slapd[2986]: >>> dnPrettyNormal: <ð^est User One,ou=People,dc=department,dc=someuniversity,dc=edu>
    Oct 20 14:10:45 cs slapd[2986]: bind: invalid dn (ð^est User One,ou=People,dc=department,dc=someuniversity,dc=edu)
    Oct 20 14:10:45 cs slapd[2986]: send_ldap_result: conn=65 op=5 p=3
    Oct 20 14:10:45 cs slapd[2986]: send_ldap_result: err=34 matched="" text="invalid DN"
    Oct 20 14:10:45 cs slapd[2986]: send_ldap_response: msgid=6 tag=97 err=34
    Oct 20 14:10:45 cs slapd[2986]: conn=65 op=5 RESULT tag=97 err=34 text=invalid DN
    Oct 20 14:10:45 cs slapd[2986]: daemon: select: listen=6 active_threads=0 tvp=NULL
    So, it's submitting an initially correct lookup for the test account but when it later submits the password updated it appears to substitute garbage for the first few characters. Getting the DAS debug log isn't much help, it does report this error:
    DATE = Wed Oct 20 14:14:40 2004
    PID = 5457; TID = 3059759840
    ERROR CODE -> 0x18001
    FUNCTION NAME -> ctldap_LDAPErrorMap
    LDAP ERROR -> 34
    LDAP ERROR MESSAGE -> Invalid DN syntax
    MATCHED DN ->
    SERVER ADDITIONAL INFO. -> invalid DN
    DATE = Wed Oct 20 14:14:40 2004
    PID = 5457; TID = 3059759840
    LOG TYPE -> TRACE
    EXITING -> ctldap_LDAPErrorMap
    returns 0x18001
    Is there anything I should look to about the weird LDAP substitutions? This looks pretty bizarre, I haven't seen such problems with any of the other operations.

    Do you have a :
    [LDAP]
    writedn = " "
    writednpassword = " "
    (note, you need to encrypt this using uniencrypt utility)
    [UTL]
    adm_moduserpassword = TRUE
    Try it then.
    Because a user has now write privileges to the LDAP it needs a mediator. That mediator is the writedn and writednpassword.
    Yours,
    Eli Benschop

  • The user ID, password cannot be authenticated. Make sure you entered valid

    Hi experts,
    i've installed BPC NW 7.5, now i receive the error in subject when i try to logon from server manager, client, web...
    Following sap note 1380518 i checked COM+ credential, but never changed.
    The system was installed with CMS authentication, i created the user BPC_SYSADMIN on the DC with admin right on local server, the same user has admin rights on CMS also. I tried changing user definition (with domain and without) on server manager, on COM+ application identity tab, and in table UJA_SVR_DEFAULT on the Abap server, nothing happened.
    Any help is appreciated.
    Regards,
    Simone Caponecchi

    Hi,
    Thanx for the feedback !! really appreciate it. Here is the response:
    The COM components are ok, as well as the MSMQ and every other component you mentioned (also reinstalled it). I reactivated all "dictionary" to the 3 users created in ABAP, changed role to communication, and give SAP_ALL permission.
    In the machine, changed the Default web site to port 81 (to let BPC website take port 80)
    Reinstalled  NET 2.0, set all components for BPC website to Net 2.0
    Created the 3 abap users in domain and gave in both systems  the same password.
    Entered in the machine as the administrator user (also administrator in Netweaver) and started the installation without trouble.
    After that, tried to run the server diagnostic but this user was lacking permits, so I added the 3 users (abap) in the local machine as administrators, in a  new group called BPC (only giving the administrator role). Entered now in the machine as BPC_SYSADMIN and ran the Server Diagnostic without trouble.
    After doing this, I now am facing an issue trying to add users to the 1° appset... choosing the domain users... however someone mentioned that this is related to the NET tier, is it better to reinstall this tier completely or at least try with NET 1.1, but im just about to find out.
    Thanx again for the response.
    Velázquez

  • Application users changing passwords

    Is there a simple way for application users to change their passwords? I can see that the owner of the application can do it but it makes more sense for the individual users to maintain their own passwords.
    Thanks,
    Greg

    Greg,
    this depends a lot on your user management.
    In the sample application a custom authentication scheme is implemented where the users and their respective passwords are stored in a custom table (demo_users).
    From there on you can easily have the users manage their own passwords.
    ~Dietmar.

  • Set User Description by external ldap authenticator

    Hi,
    I used a customized iplanet Authentication Providers to authenticate the user.
    After the system is started and I goes to "Security Realms > myrealm > Users and Groups -> Users", I am able to see a list of user from Ldap server. Name field is username. But description is empty. How could I populate description field by field in External Ldap server?
    Thanks,

    Hi,
    I used a customized iplanet Authentication Providers to authenticate the user.
    After the system is started and I goes to "Security Realms > myrealm > Users and Groups -> Users", I am able to see a list of user from Ldap server. Name field is username. But description is empty. How could I populate description field by field in External Ldap server?
    Thanks,

  • Changing password within SQL Developer

    Hi, Thanks for the great product. I'm beginning to migrate from TOAD to SQL Developer and have run into one minor snafu. The one minor feature missing within SQL Developer (unless I missed it) is to easily change a password like TOAD in the UI (This is a common complaint among other devlopers trying it out). I work on a lot of seperate databases occasionally and have to reset the passwords every 60 days.
    I would like to request this minor feature.
    How can I change my password without using SQL Plus, but within SQL Developer? Is there a way?
    Thank you!

    Sounds like a good enhancement and I will record it. In the meanwhile, just open a SQL Worksheet and issue your command.
    -- Sharon

Maybe you are looking for