Changing password from IDM does not unlock account

This topic has 0 replies, 1 voice, and was last updated 4 years, 7 months ago by ivano.vingiani.

  • Author
    Posts
  • #20847
     ivano.vingiani
    Participant

    I’ve configured DS to lock accounts after 10 failed login attempts.
    We have a requirements to unlock the account after a password reset but this doesn’t seem to work when it’s done from IDM (tried both via selfservice endpoint and IDM UI).

    I can see that the attribute pwdChangeTime doesn’t get updated so I suppose the change is not propagated to DS.

    It doesn’t seem to be a sync issue since the password reset works fine for non-locked accounts.

    Following is the Password Policy configuration in DS

    Property : Value(s)
    ——————————————:————————–
    account-status-notification-handler : –
    allow-expired-password-changes : false
    allow-user-password-changes : true
    default-password-storage-scheme : Salted SHA-512
    deprecated-password-storage-scheme : –
    expire-passwords-without-warning : false
    force-change-on-add : false
    force-change-on-reset : false
    grace-login-count : 0
    idle-lockout-interval : 0 s
    last-login-time-attribute : –
    last-login-time-format : –
    lockout-duration : 1 h
    lockout-failure-count : 10
    lockout-failure-expiration-interval : 0 s
    max-password-age : 0 s
    max-password-reset-age : 0 s
    min-password-age : 0 s
    password-attribute : userPassword
    password-change-requires-current-password : false
    password-expiration-warning-interval : 5 d
    password-generator : Random Password Generator
    password-history-count : 0
    password-history-duration : 0 s
    password-validator : –
    previous-last-login-time-format : –
    require-change-by-time : –
    require-secure-authentication : false
    require-secure-password-changes : false

Viewing 1 post (of 1 total)

You must be logged in to reply to this topic.

©2022 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.

Log in with your credentials

Forgot your details?