cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

IdM - Self password reset - MD5 encryption

Former Member

on ‎03-30-2010 10:36 AM

0 Kudos

Hello

We are trying to set the self password reset on IdM 7.1 SP4.

We want the user to be authenticated through his MSKEYVALUE and then he'll have to answer his secret question about his e-mail adress.

To do that, when we create the user, we fill the attribute MX_AUTHQ_001 with the e-mail adress from the other attribute MX_MAIL_PRIMARY (MX_AUTHQ_001 = %MX_MAIL_PRIMARY%). (A)

To configure the self service task we followed the self change password pdf.

When we enter the url "...idm/pwdreset", we enter the user's MSKEYVALUE, go to the next step, but when we enter the answer to the question (the e-mail adress), it doesn't go to the third step but launch the password reset failed task instead (means authentication doesn't work).

So we wanted to check the MD5 encryption result : we set a task to change the answer of the secret question in the portal. (B) This way, the self reset password task works.

We compared the encrypted answer in the MX_AUTHQ_001 after setting the answer through the portal (B) and after setting it through the automatic filling with MX_MAIL PRIMARY. (A)

The encryption result (MD5 encryption) is different even though it's supposed to be the same.

Have anyone ever had this problem and how was it solved?

Any help would be appreciated,

Regards

Clotilde

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (2)

Answers (2)

Former Member
‎03-30-2010 4:46 PM
0 Kudos

Thanks for your answer. The first thing you said did the trick. The only thing we have to keep in mind is that we have to encrypt the e-mail adress in uppercase else it won't work. Then typing it in upper or lower case in the user interface doesn't change the result, it works.

Regards,

Clotilde

Show replies
Show replies
former_member205423
Participant
‎06-11-2010 11:43 AM
0 Kudos

Hi,

I am facing the similar problem with password reset. In my case, I have configured the tasks for password reset failed and password reset and for edit autorizations.

I am able to edit the questions from self service tab and update my answers.

However when user wants to reset the password and opend the URL

https://server:port/idm/pwdreset

now the application is asking for login details but not the userID for reset.

I have configured the steps in password reset tab too and enabled the password provisioning under password ploicy.

Former Member
‎06-15-2010 4:51 PM
0 Kudos

Hello

Can you be more precise? which login details are asked? how did you configure the password reset tab and the password policy?

Regards,

Clotilde

Former Member
‎03-30-2010 10:49 AM
0 Kudos

Hi & Welcome

What comes to my mind:

1. Use/Create a function that encrypts Par with MD5 and return the encrypted value for (A): (MX_AUTHQ_001 = $function.encryptMD5(%MX_MAIL_PRIMARY%)$$). I suppose this'll help because AUTHQ is stored as MD5 and you need to hash the value before you write it. The WebUI does this "behind the scenes" so it works there.

2. Create a test-task that uses a decryptMD5-Function on the MX_AUTHQ_001-value. After creating your entry with the standard procedure execute this task to see which value (A) saved for the attribute.

Regards

Michael

Show replies
Show replies
Ask a Question