Hi,
I would like to know few things:-
I want to create a user on sun identity manager so that when this user logs in the first time he should be force to change his password?
How can I accomplish this?
Is there a option for sun identity manager to generate password (according to password policy) rather than the admin manually entering password for the user he is trying to create?
Thanks!
Answer to both your questions is 'yes'. To force the user to change the password on the first login, you must set the "temporary password expires in" option to 0 days, in the policy.
And below is the rule that I use to generate a random password based on lighthouse password policy:
<Rule name='getRandomPassword'>
<Description>Generates random password based on password policy</Description>
<block>
<invoke name='decryptToString'>
<invoke name='generatePassword'>
<new class='com.waveset.provision.PasswordGenerator'>
<invoke name='getObjectNames' class='com.waveset.ui.FormUtil'>
<ref>lighthouseContext</ref>
<s>User</s>
</invoke>
</new>
<invoke name='getObject'>
<ref>:display.session</ref>
<s>Policy</s>
<s>Password Policy</s>
</invoke>
<new class='com.waveset.object.WSUser'/>
</invoke>
</invoke>
</block>
</Rule>
Hope this helps!
Suvesh Sharma
Hi,
I tried setting "Reset temporary password expires in" to 0, but it does not work.
My Settings are as follows:
Password Policy Options
======================
Password policy: Password Policy
Password Provided by : user
Expires in: 60 Days
Warning time before expiration: 15 Days
Reset Option: temporary
Reset temporary password expires in: 0 Days
Reset Notification Option: email
What I want is, when a user is created the password for this user should be generated by the system. Secondly when he logs in the first time he should be asked to change his password. Is the "Reset temporary password expires in" option related to password reset alone or does it also work for newly created users?
Thanks!
