33.2 Understanding the Legacy Password Management Provider

NOTE: The Legacy Password Self-Service feature of the User Application is deprecated with this release. NetIQ strongly recommends that you start using SSPR for all password-specific tasks. The installation process enables SSPR by default.

When you upgrade from an older version of Identity Manager, the identity applications default to SSPR as the password management program. SSPR can use the NMAS method that Identity Manager has traditionally used for password management. However, SSPR does not recognize your existing password policies for managing forgotten passwords. You can bypass SSPR and use the legacy password management provider.

When a user requests a password reset, the legacy provider compares the user’s credentials to the password policies that you set. For example, it might require the user to answer a challenge-response question. Based on the policy applied to that user, the program responds in one of the following ways:

  • Resets the password

  • Shows the password hint

  • Emails the password hint to the user

  • Emails a new password to the user

Use the legacy provider if your enterprise uses multiple or complex password policies. For example, your password policies might be based on user roles. An intern might simply need an auto-generated password without a challenge response. For a manager who can access secure data, you might have more stringent requirements. This user might need to regularly reset the password. In both cases, you want the users to have self-service for password requests.

To use the legacy provider, modify the configuration settings for the identity applications after you install or upgrade Identity Manager. You do not need to reconfigure your password policies after the upgrade.