Allow helpdesk users to override password policy
Hi,
We use the Access Manager with a directory server 5.2 behind.
We want to enforce some password policy for every users (minimum length, expiration, history, minimum age) so we defined a password policy with the CoS template on the directory server for those users.
We also have some helpdesk users which can manage the normal users via the Access Manager interface. They are allowed to change the user password if the user lost it.
We have two problems with that.
First, the helpdesk user have the same restriction as the user. They can't change his password if the user change it in the password minimum age period.
It is a way to tell the directory to use another password policy (i.e the same as the default one except for the minimum password age check) for a user entry if it's one of the helpdesk users which try to change the password?
Secondly, when the helpdesk give a new password for the user we want the user to change the password right after. Again this can't be done due to the minimum password age in the policy. Is it possible to remove the minimum password age when it's a helpdesk user which change the user entry password?
Vincent
