Wwv_flow_fnd_user_api.edit_fnd_user to set change password on first use

Similar Messages

• Change Password on first use does not work properly.

  I have created apex application user in Oracle Apex 3.2 as follows
  BEGIN
  APEX_UTIL.CREATE_USER(
  p_user_name => 'NEWUSER1',
  p_web_password => 'secret99');
  END;
  As in the documentation
  p_change_password_on_first_use  IN      VARCHAR2    DEFAULT 'Y',
  User should be prompted to change password at first use. But it does not work properly. There is no such message. Still accepts user to log in with old passord that was first given to the user. I have tried explicitly to ensure change password at first log in. by
  BEGIN
  APEX_UTIL.CREATE_USER(
  p_user_name => 'NEWUSER1',
  p_web_password => 'secret99',
  p_change_password_on_first_use =>'Y');
  END;
  Still does not work. How can I ensure user to change password on first login.
  Hasan Al Mamun
  Programmer
  Bangladesh Bank
  Dhaka, Bangladesh

  Might be a long way around the problem but I would utilize a boolean flag in a column (FIRST_LOGIN) your custom auth table set to 'Y' when you create their account. Then on the login page have a page process something like:
  ** NOT TESTED **
  declare
  v_first VARCHAR2(10;
  v_session NUMBER;
  begin
  v_session := APEX_CUSTOM_AUTH.GET_NEXT_SESSION_ID;
  select FIRST_LOGIN into v_first from AUTH_TABLE where user_name = :P101_USERNAME and :P101_PASSWORD;
  if v_first = 'Y' then
  wwv_flow_custom_auth_std.login(
  P_UNAME => :P101_USERNAME,
  P_PASSWORD => :P101_PASSWORD,
  P_SESSION_ID => v_session,
  P_FLOW_PAGE => :APP_ID||':2' *** THIS IS YOUR PAGE TO HAVE THEM RESET THEIR PASSWORD ***
  else
  wwv_flow_custom_auth_std.login(
  P_UNAME => :P101_USERNAME,
  P_PASSWORD => :P101_PASSWORD,
  P_SESSION_ID => v_session,
  P_FLOW_PAGE => :APP_ID||':1' *** MAIN LOGIN PAGE *****
  EXCEPTION WHEN OTHERS THEN
  *** handled **
  end;
  The page 2 in this example would have an few items for them to enter their new password twice, a page process to update their password in the auth table and then redirect them to the intended first page.
  Not sure if it meets your setup.
  Ricker

• TMG 2010 publishing Exchange 2010 OWA cannot change password if user must change password at first logon is set

  Hi,
   I have an odd issue whereby if I set "user must change password" on an AD account, the end user cannot logon, they're simply taken back to the OWA login page as if their password is incorrect.
  My setup is as follows:
  outer TMG -- uses a listener for email.contoso.com and is configured for no authentication.This uses a publishing rule to publish the inner TMG server. This server is not a domain member.
  inner TMG - uses a listener for email.contoso.com and is configured for NLTM\kerberos negotiation with forms authentication (Windows Active Directory). This server is a domain member and use a publishing rule to publish the internal CAS. Allow users to change
  password is selected in the publishing rules.
  Exchange 2010 SP1 - uses integrated windows and basic authentication. Has the appropriate registry key configured to allow users to change their AD password on first logon.
  I've registered an snp for "http/email.contoso.com mailserver-dc1", all SSL certificates being used are valid and my configuration used to allow users to login and change their password with "user must change password on first login"
  set in AD.
  If I launch a web browser on an internal server and point it to email.contoso.com I'm immediately presented with a generic Windows authentication request (similar to what's seen in ADFS) rather than the standard OWA page. No matter what I do, I cannot login
  and change my password using the correct URL. However if I point my browser at
  http://192.168.4.10/owa I'm prompted to login and I can change my password using the sam credentials.
  The only recent changes made are:
  - Disabling SSL 3.0 and enabling TLS  (http://www.isaserver.org/articles-tutorials/configuration-security/improving-ssl-security-forefront-threat-management-gateway-tmg-2010-published-web-sites.html)
  - Replacing the TMG listener certificates so that they now use SHA2 rather than SHA2 (certificates are trusted on each TMG server)
  Looking on the outer TMG and the DC logs I can see schannel errors which I believe are related to the problem. TMG monitoring also shows "Failed connection attempt: 1907 The user'spassword must be changed before logging on for the first time"
  I've checked that my inner TMG and DC are using the same certificate for server authentication and gone through this guide:
  http://blogs.technet.com/b/keithab/archive/2012/02/29/setting-up-and-troubleshooting-ldaps-authentication-in-forefront-tmg-2010.aspx
  If I try to use ldp.exe on the inner TMG, I get the error in the pic below
  Thanks
  IT Support/Everything

  Hi,
  You could try to analyze the TMG tracing and try the troubleshoot steps in the blog below.
  TMG 2010 – FBA, troubleshooting the change password feature 
  http://blogs.technet.com/b/isablog/archive/2012/05/07/tmg-2010-fba-troubleshooting-the-change-password-feature.aspx
  Best Regards,
  Joyce

• Unable to change password while first logon on windows server 2008 R2 SP1 system

  Hi Team,
  Ad team has created new account for me with change password on first logon setting
  When I logged in on Windows Server 2008 r2 SP1 system with my new credentials I get a error message stating that
  "You must change your password before logging on the first time. For assistance, conatct your system administrator or technical support" 
  Concern:
  I do not get password change screen on first logon on the server. How should I change my password on first logon?

  Hi,
  I got resolution for above issue
  Run ==> type "tsconfig.msc" ==> double click "RDP-TCP" ==> change security layer to
  RDP Security layer ==> Apply ==> OK

• Require Change of Password on First Use

  Gurus,
  I need som help with regards to the Change of Password rule for users (new of APEX 3.0).
  I read from the help text:
  Select Yes to require the user of this account to change the password immediately after logging in the first time using the current password. This rule applies to the use of this account for workspace administration or development as well as to use of this account to log in to developed applications.
  So, I add a user and set 'Require Change of Password on First Use' to TRUE and the user logins on the 'Main page' (http://apex.oracle.com/pls/otn/f?p=4550:1:1944788853821985) APEX redirects to a change password page. Extremly cool!
  But here is the problem, if I build myself a little application (one empty page) and then have a user login to this application (not the same one, a brand new test user) the user is never challenged with the password change.
  Is this the way it is supposed to be and I can't read the documentation correctly or is there something I have missed?
  Cheers,
  Andy

  Andy,
  The workspace needs to "enable" the account expiration/locking feature. If you don't have it enabled, the new features are not available for end user accounts. To enable it, use the workspace admin app: Home>Administration>Manage Services>Set Workspace Preferences and click the "Enable" radio button for Account Expiration and Locking. We could have disabled the Account Availability (Locked/Unlocked) and Requre Change of Password on First Use user account attributes disabled when this fetaure is not enabled for the workspace but then you wouldn't be able to create accounts and set those attributes as you require in anticipation of enabling the feature for the workspace.
  Scott

• User change password after first logging in Oracle 11g

  Hi
  Can you help someone in connection with this problem:
  user can not change password after first logging in Oracle 11g
  All the best
  Ragip Avdijaj

  Sounds like they are not getting logged in at all, so they are never getting to the point where they can change the password, but we need to see more detail to give a better answer (an example or copy-paste of a sqlplus session might help)

• Restrict users from changing password on first login?

  Hi,
  I am doing mass user upload into UME using script import. How should I use the below functionality to restrict the users from changing password on first login?
  IUserAccount uacc =UMFactory.getUserAccountFactory().newUserAccount(uid,newUser.getUniqueID());
  uacc.setPassword("saras");
  uacc.setPasswordChangeRequired(false);
  How to implement above functionality with mass upload from script import?
  Thanks
  Srinivas
  Edited by: srinivas M on Jan 20, 2009 9:05 PM

  hi srinivas,
  try this api
  http://help.sap.com/javadocs/NW04S/current/se/com/sap/security/api/IUserAccount.html#isPasswordChangeRequired()
  https://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/40d562b7-1405-2a10-dfa3-b03148a9bd19
  this document able to retrive the password.. same positon u can disable the field
  https://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/10649c90-24af-2b10-1086-ea0667ec3655
  thanks

• Open Dir, SMB, AFP, Changing Password on first login (Windows)

  Hey all...
  I've read up on some documentation but have run into a roadblock trying to set up file sharing for Open Directory user accounts with OS X Server 10.5.6.
  I have AFP and SMB (and Open dir) services enabled.
  Using all default settings I am able to share files using other Windows and OS X machines.
  Under the Open directory service settings in Server Admin, I tried to enforce that user passwords be reset on first log in.
  When I log in using OS X, I get prompted to change my password and it works fine. When I'm using Windows (XP in this case), the username/password prompt that windows presents outright rejects the initial password. So when forcing users to change passwords, Windows users can no longer log in to share files.
  I've attached the SMB log that correspond to the attempted log in from the Windows machine.
  [2009/01/28 18:12:49, 0, pid=1913] /SourceCache/samba/samba-187.7/samba/source/auth/authodsam.c:opendirectory_smb_pwd_checkntlmv1(383)
  opendirectoryuser_auth_and_sessionkey gave -14161 [eDSAuthNewPasswordRequired]
  [2009/01/28 18:12:49, 0, pid=1913] /SourceCache/samba/samba-187.7/samba/source/auth/authodsam.c:opendirectory_opendirectory_ntlm_passwordcheck(598)
  I'd appreciate any advice =)

  Hey all...
  I've read up on some documentation but have run into a roadblock trying to set up file sharing for Open Directory user accounts with OS X Server 10.5.6.
  I have AFP and SMB (and Open dir) services enabled.
  Using all default settings I am able to share files using other Windows and OS X machines.
  Under the Open directory service settings in Server Admin, I tried to enforce that user passwords be reset on first log in.
  When I log in using OS X, I get prompted to change my password and it works fine. When I'm using Windows (XP in this case), the username/password prompt that windows presents outright rejects the initial password. So when forcing users to change passwords, Windows users can no longer log in to share files.
  I've attached the SMB log that correspond to the attempted log in from the Windows machine.
  [2009/01/28 18:12:49, 0, pid=1913] /SourceCache/samba/samba-187.7/samba/source/auth/authodsam.c:opendirectory_smb_pwd_checkntlmv1(383)
  opendirectoryuser_auth_and_sessionkey gave -14161 [eDSAuthNewPasswordRequired]
  [2009/01/28 18:12:49, 0, pid=1913] /SourceCache/samba/samba-187.7/samba/source/auth/authodsam.c:opendirectory_opendirectory_ntlm_passwordcheck(598)
  I'd appreciate any advice =)

• Changed password when first signing up to iPhoto now I can't send pictures

  I didn't realize you could not change password in iphoto share.  First time user . . .changed password when prompted to enter a password during first log-in to share.  Now, every time I want to share a photos, I get an error message that iphoto doesn't recognize email with password and therefore cannot share.  New to MAC and frustrated.

  Have you gone to the iPhoto accounts preference and set the correct password?
  or set Apple mail as your e-mial client in the iPhoto preferences
  LN

• Password policy "change password at first login" errors!

  Complete panic!
  I've updated to OS X Server 4.1 and all my users appear to be ok. All green lights within the server app. Computers are NOT giving the red light 'network accounts unavailable'. However, no one can login. Every user, new and old, are being prompted at login to create a new password (say: Password 1). They type in a new password (say: Password2), the box shakes like it didn't accept it. However, if they try to login again, it won't accept Password1. If they type Password2, they again get prompted to change the password.
  So it looks like it's accepting the password, but stuck in this reset password loop.
  I've checked in the server app and workgroup manager. Neither have 'reset password at first login' selected.

  Many Open Directory problems can be resolved by taking the following steps. Test after each one, and back up all data before making any changes.
  1. The OD master must have a static IP address on the local network, not a dynamic address. It must not be connected to the same network with more than one interface; e.g., Ethernet and Wi-Fi.
  2. You must have a working DNS service, and the server's hostname must match its fully-qualified domain name. To confirm, select the server by name in the sidebar of the Server application window, then select the Overview tab. Click the Edit button on the Host Name line. On the Accessing your Server sheet, Domain Name should be selected. Change the Host Name, if necessary. The server must have at least a three-level name (e.g. "server.yourdomain.com"), and the name must not be in the ".local" top-level domain, which is reserved for Bonjour.
  3. The primary DNS server used by the server must be itself, unless you're using another server for internal DNS. The only DNS server set on the clients should be the internal one, which they should get from DHCP if applicable.
  4. If you have accounts with network home directories, make sure the URL's are correct in the user settings. A return status of 45 from the authorizationhost daemon in the log may mean that the URL for mounting the home directory was not updated after a change in the hostname. If the server and clients are all running OS X 10.10 or later, directories should be shared with SMB rather than AFP.
  5. Follow these instructions to rebuild the Kerberos configuration on the server.
  6. If you use authenticated binding, check the validity of the master's certificate. The common name must match the hostname and domain name. Deselecting and then reselecting the certificate in Server.app has been reported to have an effect in some cases. Otherwise delete all certificates and create new ones.
  7. Unbind and then rebind the clients in the Users & Groups preference pane. Use the fully-qualified domain name of the master.
  8. Reboot the master and the clients.
  9. Don't log in to the server with a network user's account.
  10. Disable any internal firewalls in use, including third-party "security" software.
  11. If you've created any replica servers, delete them.
  12. If OD has only recently stopped working when it was working before, you may be able to restore it from the automatic backup in /var/db/backups, or from a Time Machine snapshot of that backup.
  13. Reset the password policy database:
  sudo pwpolicy -clearaccountpolicies
  14. As a last resort, export all OD users. In the Open Directory pane of Server, delete the OD server. Then recreate it and import the users. Ensure that the UID's are in the 1001+ range.
  If you get this far without solving the problem, then you'll need to examine the logs in the Open Directory section of the log list in the Server app, and also the system log on the clients.

• Disable Change password on first time login in portal

  Hi Experts,
  This question is with regard to the UME user.
  Portal asks its users to change the password on the first login. How can i remove this property. whatever password the admin assigns should be used to login at all the times. The portal should not ask to change the password on first login.
  Regards,
  KM

  Hi Kaustubh,
  Refer this link:
  how to disable the "change of password" field in login page of SAP portal?
  Regards,
  jithin

• Change password at first login

  Hi all,
  In my JSF web app, if a user has his password reset by an admin, the new password is emailled to him, and as soon as he logs with the new password in he MUST change his password, before being allowed to use any other part of the site.
  How can I force the "change password" screen to appear?
  My current "hack" is to add this code to the beginning of every single JSF page:
  <%
       final boolean userMustChangePasswordAtNextLogin = ((Boolean) MyAbstractView.evaluateValueBinding("#{loggedInUser.userBean.mustChangePasswordAtNextLogin}")).booleanValue();
       if(userMustChangePasswordAtNextLogin) {
  %>
       <html>
            <head>
                 <META HTTP-EQUIV="Refresh" CONTENT="0; URL=ChangePassword.jsp">
            </head>
       </html>
  <% } else { %>
       [Regular JSP/JSF page content...]
  <% } %>Is there a graceful JSF way of doing this? I've investigated the NavigationHandler, but it doesn't get invoked until the user clicks on a CommandButton or such like. I've investigated ViewHandler as well, but cannot see how this would help.
  Any advice appreciated & many thanks in advance...
  - Adam.

  Thanks a lot SirG ....
  This is what I have done so far:
  package com.abc.send.controller.security;
  import javax.faces.component.UIViewRoot;
  import javax.faces.context.FacesContext;
  import javax.faces.event.PhaseEvent;
  import javax.faces.event.PhaseId;
  import javax.faces.event.PhaseListener;
  public class LoginPasswordPhaseListener implements PhaseListener
       public void afterPhase(final PhaseEvent phaseEvent)
            // Nothing to do
       public void beforePhase(final PhaseEvent phaseEvent)
            if(phaseEvent.getPhaseId().equals(PhaseId.RENDER_RESPONSE))
                 final FacesContext facesContext = phaseEvent.getFacesContext();
                 final String viewId = facesContext.getViewRoot().getViewId();
                 final boolean userMustChangePasswordAtNextLogin = true;
                 if((!viewId.equals("/logout.jsp")) && userMustChangePasswordAtNextLogin)
                      final UIViewRoot newRoot = facesContext.getApplication().getViewHandler().createView(facesContext,
                           "/restricted/changePassword.jsp");
                      facesContext.setViewRoot(newRoot);
       public PhaseId getPhaseId()
            // Seems that returning PhaseId.RESTORE_VIEW here doesn't work, so we
            // have to use an if expression in beforePhase(..)
            return PhaseId.ANY_PHASE;
  }Then in the faces-config.xml:
  <lifecycle>
      <phase-listener>com.abc.common.jsf.view.ViewScopePhaseListener</phase-listener>
      <phase-listener>com.abc.common.jsf.filter.secureserver.SecureServerPhaseListener</phase-listener>
      <phase-listener>com.abc.common.jsf.filter.browservalidation.BrowserValidationPhaseListener</phase-listener>
      <phase-listener>com.abc.common.jsf.filter.security.SecurityPhaseListener</phase-listener>
      <phase-listener>com.abc.common.jsf.filter.postback.PostBackValidationPhaseListener</phase-listener>
    <phase-listener>com.abc.send.controller.security.LoginPasswordPhaseListener</phase-listener>
    </lifecycle>So if final boolean userMustChangePasswordAtNextLogin = true; then on a successfull login currently I should be taken to the changePassword.jsp right ?

• How to set iCloud password to previous used one?

  Hi,
  Hoping someone can possibly point me in the right direction regarding the following issue.
  Here goes my story.
  Last week I forgot my iPad mini retina wifi only in a restaurant and when I went back looking for it, about ten minutes later, well, it was no longer there. Obviously.
  The mini had the screen lock activated and the find my iphone option enabled. Untill there all well. (Except from losing my 1 week old device... Grrrr)
  Anyway, through the find my iphone app on my icloud account I put the device in lost mode, set up a message to be sent should the device connect to the internet and requested an erase as it held sensitive business information.
  Untill there I think all went ok, but then, in a panic reaction, and as to assure the new owner would not be able to access email and other stuff linked to my apple account, I reset the apple account password before it ever connected to the internet.
  Now, I believe this will make it impossible for the find my iphone app to actually erase and/or send the ipad lost message to the device is it not?
  My question: is there a way I can reset my password to the old one? Now I get the " use a password that was not used the last year" message when trying.
  Thanks in advance!

  You are right, you cannot just change your pasword back to the old one, but don't worry, your changed password should not affect Find My iPhone.

• How do you change password with out using cd on imac?

  How do you change password with out cd on imac?

  Please read:
  http://osxdaily.com/2011/08/24/reset-mac-os-x-10-7-lion-password/

• Satellite L450D-11V - Asks for password on first use

  My aged parents have bought their first computer - the L450D-11V.
  Have started it up but have been asked for a password. Retailer's help line was no help to them so they phoned dutiful daughter (me). I downloaded the manual but it simply says to follow the on screen instructions.
  Can anyone who bought this model recently tell me how to get past this?

  Hi mate,
  Which password you mean exactly?
  The BIOS password?
  The HDD password?
  The Windows password?
  Are you sure that you didnt set or another one?
  Anyway, normally a password shouldnt be set on first usage. You can contact an authorized service provider in your country. The guys can remove every password.