1.0 Understanding Password Management

Identity Manager helps you manage user passwords across multiple accounts. You can synchronize passwords among systems, allow users to change their passwords, and enable users to recover from forgotten passwords.

In the following diagram, the Identity Manager system is configured to synchronize passwords for users who have Active Directory and SunOne accounts. In addition, password self-service is enabled through the Identity Manager User Application so that users can change their passwords and, if necessary, recover from forgotten passwords.

Figure 1-1 Password Management with Identity Manager

Identity Manager provides synchronization of passwords between the Identity Vault and connected systems. It also supports password self-service, which is the ability for users to change their own passwords and recover from forgotten passwords.

The following sections introduce you to the concepts you need to understand to successfully implement password synchronization and password self-service: