cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Self-Service Reset Password Issue (IDM Version 7.20.7)

Go to solution
Former Member

on ‎03-01-2013 10:32 AM

0 Kudos

Hello,

Context: I m trying to set up a self services for business endusers that includes "Own data" and "Reset Password".


I easily succeeded to configure the "Own data" functionnality link.

But about the "Reset Password" I am confused how can I integrated it a Self Services page.

Let me show you what has been built up so far with pics (easier). I actually followed the guide called "Self-service password reset Version 7.2 Rev 3".

In the MMC:

Result in the UI:

Both Tasks appear well :

And below is my issue. Here is what I get by clicking on the Reset Password link:

But I would like to get the "http://<host>:<port>/idm/pwdreset" page (example below from guide) and not the window above !

How can I do that (triggered the link to the url pwdreset)?

By the way, what authorizations exactly (and where: UME + MMC) are required to access that url "http://<host>:<port>/idm/pwdreset" because at the moment I get this

Here is what is set up in the Web task:

And in the UME that user is assigned to the group "Authenticated Users" which includes the role "idm.authenticated" that includes itself the action "tc~idm~jmx~ump" which is the one indicated in the guide (but for anonymous users)

Any advices would be really appreciated !


Regards

 

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

former_member2987
Active Contributor
‎03-01-2013 1:31 PM
0 Kudos

Julien,

Access control should be set to Anonymous.  Additionally make sure that you are not logged into any other IDM session on that computer when you do the SSPR.

Regards,

Matt

Show replies
Show replies
Former Member
‎03-01-2013 2:22 PM
0 Kudos

Thanks Matt.

Answers (3)

Answers (3)

Former Member
‎03-04-2013 9:40 AM
0 Kudos

You are all right. I have myself noticed how dumb it is what I tried to put in place (to login to reset a password). What I have now just set up in the self-services is the productive password change.


And the browser sessions still opened were the prob regarding the access to the pwdreset url.

Show replies
Show replies
Murali_Shanmu
Active Contributor
‎03-04-2013 8:06 AM
0 Kudos

Hi Julien,

Did you follow this document? Usually the Password Change screen would be configured as Anonymous access and placed on the Intranet. The reason being, if you get locked out, it might be hard to get even into IdM. This document also shows how to setup this application and assign "idm_anonymous" privileges.

As Matt pointed out, ensure you log off from all your browser sessions and then access the Password Change Application

Cheers

Murali

Show replies
Show replies
jared_kobe
Participant
‎03-01-2013 2:56 PM
0 Kudos

Julien,

It is my understanding that the password self-service task at the

"http://<host>:<port>/idm/pwdreset" URL is for anonymous users only (like a "Forgot Password?" link on a login screen) and cannot be accessed from the Self-Services tab. In order to access the Self-Services tab, the user would have to have to authenticate with the AS Java, and if the user can supply their ID and password, they are not anonymous.

In my organization, we have two seperate password self-service tasks. One that was created and is configured on the Identity Store per the guide, with access control anonymous as Matt said, and on that is a normal Ordered Task (like the Maintain Own Data task) that has MX_PASSWORD on the Attributes Tab, and has an access control as you have configured above. We have a link on our login page that goes to the task we have configured per the guide. The other task shows up on the self-services tab, and that allows users to change their password after they have authenticated without having to answer the security questions.

I hope that helps.

Jared

Show replies
Show replies
Ask a Question