Before running the Novell Client Login Extension, you must have a working Identity Manager application (for example, Identity Manager 3.5 or later) system and have the user application configured correctly to enable the Password Self-Service feature. For information on installing Identity Manager and the User Application, see the Identity Manager 4.0.1 Integrated Installation Guide.
To enable the Password Self-Service feature, perform the following:
Enable Universal Password.
Create a password policy or select an existing password policy.
Enable and configure the Forgotten Password option.
Assign the password policy to the appropriate users, groups, or container.
Enable SSL.
You initially set up the Password Self-Service feature through iManager by using the and options. For more information on the Password Self-Service feature, see “Managing Passwords by Using Password Policies” and “Password Self-Service” in the Password Management 3.2 Administration Guide.
Use the Identity Manager User Application to complete the password configuration. For information about configuring Password Self-Service through the Identity Manager User Application, see Forgot Password Web Service
in the User Application: Administration Guide.
NOTE:After completing the Password Self-Service, restart the operating system in the LDAP GINA, LDAP CP, or Microsoft GINA mode to effect password recovery assistance.
You also need to turn on SSL in JBoss. See Self-Signed Certificates
in the User Application: Administration Guide. The Client Login Extension does not work without SSL.
You must enable the URL rewriting when the User Application is deployed on the IBM WebSphere Application Server.
Log in to the Administration Console.
Go to the (for example, server1), then select on the Configuration tab.
Select the check box against .
Click then click .
Restart the WebSphere Application Server.
With the Forgotten Password feature enabled and the password policy assigned, you now have a valid HTML link for the restricted browser to use. This link needs to be configured for HTTPS, for example, https://hostname:8443/IDM/jsps/pwdmgt/ForgotPassword.jsf. Use this URL when running the Client Login Extension Configuration utility.