November 5, 2018 at 12:15 pm #23763
is it pssible to force users to change the password on the first login. In ldap we have the parameter pwdReset and this parameter will be set ‘true’ if the password was reset by administrator or the user account was new created.November 7, 2018 at 6:50 pm #23811
so what’s the question? Just make pwdReset to true when you created the new usersNovember 7, 2018 at 7:03 pm #23812
if I set this parameter then the user cannot login and if this parameter is false then the user can login without problemNovember 7, 2018 at 7:07 pm #23813
Why this parameter equal ‘true’ then the user cannot login? Because that’s what I did currently, when create new user give user a temp password and set pwdReset to ‘true’November 7, 2018 at 7:15 pm #23814
do you use openidm login page or openam?November 7, 2018 at 7:25 pm #23815
openamNovember 7, 2018 at 7:26 pm #23816
:) we use only openidm, but i think we must install openam to force password change.December 3, 2018 at 2:06 pm #24036chris-fryParticipant
Got a similar proof-of-concept working using a mapping from a boolean attribute in IDM to iplanet-am-user-password-reset-force-reset in OpenDJ and a Scripted Authentication module in OpenAM to force the redirect to a custom change password app.
Here’s another forum post about it: https://forum.forgerock.com/topic/change-password-on-next-login-custom-redirect/
You must be logged in to reply to this topic.