cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

End User Unlock and Password Reset in GRC AC 10.0

Former Member

on ‎03-04-2014 5:29 PM

0 Kudos

Hi Dears,

I have an issue related to End User Unlock and Password Reset.

We maintained Data Source as SU01 in SPRO, So that User can able to access GRC Application through End User Login with ECC System login
Details for raise a request.

If user is locked or forget ECC system password, then user not able to access GRC Application through End User Login with ECC System login Details for Unlock or reset Password.

In this situation, how user can unlock or reset the Password for ECC System.

Could you please provide the solution to resolve the Issue.

Note:- No LDAP or Acitive Directory.

System Details :- GRC AC 10.0 , SP12.

Regards,

Karnatak.

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (2)

Answers (2)

former_member193066
Active Contributor
‎03-05-2014 9:47 AM
0 Kudos

Then you dont need Authentication.


Regards,

Prasant

Show replies
Show replies
Former Member
‎03-11-2014 6:21 PM
0 Kudos

Thanks to Colleen and Prasant for responding and sorry for late Replay.

If i not maintain User Authentication, then any one can submit the request with any User ID.

because , it never ask password for any user ID. So we can not give access like this. Could you please suggest me any solution to resolve the issue.

i appreciate for swift response.

Regards,

Karnatak

Colleen
Advisor
Advisor
‎03-11-2014 11:37 PM
0 Kudos

Hi Rupesh

That was my warning on the post I linked you to

Quite a few PSS solutions have this as a setup (even SCN). The key thing you are reliant on is that the email account must be restricted to only the user to receive the password/link as well as appropriate Challenge Response Questions defined as part of their registration.

But yes, they can technically enter any User id to request the password and if they know the answers to the questions then they will get the password issue.

Your alternatively is to introduce another system (i.e. AD which you ruled out) or see if there is a way to introduce a second factor authentication (I don't believe this is delivered with GRC).

Regards

Colleen

Former Member
‎03-17-2014 4:24 PM
0 Kudos

Thanks lot Colleen.

As suggested, Finally we go through with manual process to Reset and Unlock user.

I really appreciate for your abundant replays. Thanks a lot once again

Regards,

Karnatak

Colleen
Advisor
Advisor
‎03-05-2014 2:46 AM
0 Kudos

Hi Rupesh

You either need to have a different Data Source - without LDAP it's looking unlikely as an option.

Alternatively, you switch off the verification so they can just enter their User Id and rely on reset sent to their email account. Your risk here is a user can go in and request a password for anther account. You are therefore relying on users email accounts to be restricted to their own access

Regards

Colleen

Ps - have a look at this SCN post where I mentioned the verification option

Show replies
Show replies
Ask a Question