This topic has 187 replies, 22 voices, and was last updated 7 months, 1 week ago by anisha.mullamuri.

  • Author
  • #27577

    I’m Bao from Falls Church, Virginia. I’ve been a user of OpenAM starting from version 10.0.0. Currently trying to find a way to move to a newer version of OpenAM.


    I am open for discovering the web !


    I want to learn more about Linux code and other OS systems


    Hi Jamie,

    I’m working in consulting firm and started working with ForgeRock. I have prior experience with other Access Management products. The current project involves building DevOps capability for our client. I need certain information on these OOTB IDM attributes below, what are these and what each is meant for ?

    Attribute Property Label Type
    roles Provisioning Roles Relationship
    manager Manager Relationship
    authzRoles Authorization Roles Relationship
    reports Direct Reports Relationship
    effectiveRoles Effective Roles Array
    effectiveAssignments Effective Assignments Array
    lastSync Last Sync timestamp Object
    kbaInfo Array
    preferences Preferences Object
    consentedMappings Consented Mappings Array


    Hi at all,

    I have a problem that I need help with. My Use Case is: When a new user is added to DJ by an administrator, the user is required to reset his password at initial login. This also applies when an administrator resets a user’s password. The problem is that IDM does not set the pwdReset attribute in DJ to false for a user initiated password reset, so the user can log in normally. On the contrary, with an implicitSync, the pwdReset is set to true.

    I have installed IDM 6.5.03 and DJ 6.5 on my virtual machine. Both systems can communicate with each other. Up to now, IDM has configured the user self-service functionality, bidirectional synchronization to the DJ and a connector. The following password policy has been configured in DJ:

    Property : Value(s)


    account-status-notification-handler : –

    allow-expired-password-changes : true

    allow-multiple-password-values : false

    allow-pre-encoded-passwords : false

    allow-user-password-changes : true

    default-password-storage-scheme : Salted SHA-512

    deprecated-password-storage-scheme : –

    expire-passwords-without-warning : false

    force-change-on-add : true

    force-change-on-reset : true

    grace-login-count : 0

    idle-lockout-interval : 0 s

    java-class : org.opends.server.core.PasswordPoli

    : cyFactory

    last-login-time-attribute : –

    last-login-time-format : –

    lockout-duration : 0 s

    lockout-failure-count : 0

    lockout-failure-expiration-interval : 0 s

    max-password-age : 0 s

    max-password-reset-age : 0 s

    min-password-age : 0 s

    password-attribute : userPassword

    password-change-requires-current-password : false

    password-expiration-warning-interval : 5 d

    password-generator : Random Password Generator

    password-history-count : 7

    password-history-duration : 0 s

    password-validator : Attribute Value

    previous-last-login-time-format : –

    require-change-by-time : –

    require-secure-authentication : false

    require-secure-password-changes : false

    skip-validation-for-administrators : false

    state-update-failure-policy : reactive

    I hope anybody can help me, best regards


    Hello everyone! I want learn openam,because my work need it.



    This is my first time with OpenAM and I am trying to set up OpenAM 14.5.1 following wiki. I completed the steps to protect the page with OpenAM. However, when I log in using the demo account, the page goes to a redirection loop. I do see the cookie iPlanetDirectoryPro being set in the browser.

    I am a PhD student and I am trying to use OpenAM to do a little demo on the IRM concepts as part of my dissertation. Professionally I have been working in IAM and Cybersecurity domains for some years.



    Hello all,

    I just started working in a team implementing the ForgeRock products, I’m currently taking the AM-400 trainings.



    I’m Marco Fanti and I work at a behavioral analytics company, Behaviosec. I am responsible for integrations of BehavioSec’s product and ForgeRock’s IAM products.



    I am Tamas Pakolicz and I work as a contractor for Hungarian Telekom.
    I have experience with OpenDJ since 2.4. I started using directory servers with Netscape Directory 3.6 more than 20 years ago.
    Now I run some OpenDJ 2.6 servers on network boot FreeBSD servers as read only LDAPs synchronized from Old Sun ONE DS-es with a little perl script I wrote a couple of years ago. I am in the process of upgrading the system to Forgerock DS 6.5 to clean up the old clutter.


    I am part of the product owner team and help with the implementation of a nice IAM solution in Germany.


    Hello….. I’m NewBie to this forum.
    I think this forum helps my issues in DevOps.


    I am Mahesh and looking for information to run OpenIDM as a foreground long-lived process inside a Docker container.
    I hope to find more information and help from the community.



    Hello All,

    I am Ramesh Mahadevan, working to get IDM solution setup in Kubernetes. Looking for some help on the way



    My name is Larry and I’m not a ForgeRock user… you probably don’t see that often. I do work with a company called HashiCorp, that has a product called Vault. We have many mutual customers that would like the two tools to work together, and especially to authenticate against ForgeRock IDM.

    Hoping someone can help direct me to a Product Manager to discuss. Or, once I have ability post a new topic here, I’ll share more details.

    Thanks everyone, I expect I’ll be learning more about FR soon!


Viewing 15 posts - 166 through 180 (of 187 total)

You must be logged in to reply to this topic.

©2022 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.

Log in with your credentials

Forgot your details?