This section tells you how to use the Password Management pages on the Identity Self-Service tab of the Identity Manager User Application. Topics include:
NOTE:This section describes the default features of the Password Management pages. You might encounter some differences because of your job role, your level of authority, and customizations made for your organization; consult your system administrator for details.
For more general information about accessing and working with the Identity Self-Service tab, see Section 9.0, Managing Your Profile.
You can use the Password Management pages to do any of the functions listed in Table 11-2, Password Management Functions:
Table 11-2 Password Management Functions
|
This Password Management page |
Enables you to |
|---|---|
|
Password Challenge Response |
Set or change either of the following:
|
|
Password Hint Change |
Set or change your password hint |
|
Change Password |
Change (reset) your password, according to the rules established by your system administrator |
|
Password Policy Status |
Review your password policy requirements. |
|
Password Sync Status |
Display the status of synchronization of application passwords with the Identity Vault NOTE:Accessing applications prior to completion of synchronization causes application access issues. |
Challenge questions are used to verify your identity during login when you have forgotten your password. If the system administrator has set up a password policy that enables this feature for you, you can use the Password Challenge Response page to:
Specify responses that are valid for you when answering administrator-defined questions
Specify your own questions and the valid responses for them (if your password policy enables this)
To use the Password Challenge Response page:
On the Identity Self-Service tab, click Password Challenge Response in the menu (under Password Management).
The Password Challenge Response page displays.
Type an appropriate response in each Response text box (they are all required), or use your previously stored response. When Use Stored Response is selected, the challenge answers, including the labels, are not shown. In addition, user-defined challenge questions are disabled.
Make sure you specify responses that you can remember later.
Specify or change any user-defined questions that are required. You may not use the same question more than once.
Click Submit.
After you save the challenge responses, the User Application displays a message indicating that the challenge responses were saved successfully and displays the challenge response screen again with "Use Stored Response?" selected.
A password hint is used during login to help you remember your password when you have forgotten it. Use the Password Hint Change page to set or change your password hint.
On the Identity Self-Service tab, click Password Hint Change in the menu (under Password Management).
The Password Hint Definition page displays.
Type the new text for your hint.
Your password cannot appear within the hint text.
Click Submit.
The status of your request displays.
You can use this page whenever you need to change your password (providing that the system administrator has enabled you to do so).
On the Identity Self-Service tab, click Change Password in the menu (under Password Management).
The Change Password page displays. If the system administrator has set up a password policy for you, the Change Password page typically provides information about how to specify a password that meets the policy’s requirements. For example:
If no password policy applies, you’ll see the basic Change Password page, which simply provides fields for changing your password.
From version 4.0.2, the User Application supports the following password syntax types:
Microsoft complexity policy
This password syntax type is used for backward compatibility with Active Directory 2003.
Microsoft Server 2008 Password Policy
This is a new password syntax type that has been added to eDirectory 8.8.7 to support Active Directory 2008.
The following settings are supported with Microsoft Server 2008 Password Policy:
Use Microsoft Server 2008 Password Policy
Maximum number of complexity policy violations in password (0-5)
Novell syntax
The following new settings are supported with the Novell syntax:
Minimum number of non-alphabetic characters (1-512)
Maximum number of non-alphabetic characters (1-512)
For all three types password syntax types, the User Application supports the following features:
Number of characters different from current password and passwords from history (0-6)
Number of passwords in history to be considered for character exclusion (0-10)
If your administrator has enabled the Microsoft Server 2008 Policy syntax, fill the following fields in the Change Password page:
Type your current password in the Old password text box.
Type your new password in the New password text box.
Type your new password again in the Retype password text box.
Click Submit.
If your new password violates any of the password rules defined by your administrator, you will see an error message on the Change Password page. If you are using Microsoft Server 2008 Policy, and your password is in violation, the user interface will show this message at the top of the page:
Password AD2008 complexity policy violation.
If your new password is in violation, review the password rules defined by your administrator, and try again.
You might be prompted to supply a password hint, if your administrator configured your security policy to do so. If so, see Password Hint Change.
The status of your request is displayed.
You are assigned a password policy by your administrator. The policy determines the security measures associated with your password. You can check your password policy requirements as follows:
On the Identity Self-Service tab, click Password Policy Status in the menu (under Password Management).The Password Policy Status page displays.
Items labeled invalid are items that you cannot change.
Use the Password Sync Status page to determine if your password has been synchronized across applications. Access another application only after your password has synchronized. Accessing applications prior to completion of synchronization causes application access issues.
On the Identity Self-Service tab, click Password Sync Status in the menu (under Password Management).The Password Sync Status page displays. Full-color icons indicate applications for which the password is synchronized. Dimmed icons indicate applications that are not yet synchronized.
NOTE:Only the administrator can see the Select User box.