“pwdReset” attribute in OpenDJ is not changed by OpenIDM


This topic has 0 replies, 1 voice, and was last updated 10 months ago by HichamLabra.

  • Author
  • #27761

    Hello community,

    I have a problem that I need help with. My use case is: when a new user is added to DJ by an administrator, the user is required to reset his password at initial login. This also applies when an administrator resets a user’s password. The problem is that IDM does not set the pwdReset attribute in DJ to false for a user-initiated password reset, so the user can log in normally. On the contrary, with an implicitSync, the pwdReset is set to true.

    I have installed IDM 6.5.03 and DJ 6.5 on my virtual machine. Both systems can communicate with each other. Up to now, IDM has configured the user self-service functionality, bidirectional synchronization to the DJ and a connector. The following password policy has been configured in DJ:

    Property : Value(s)
    account-status-notification-handler : –
    allow-expired-password-changes : true
    allow-multiple-password-values : false
    allow-pre-encoded-passwords : false
    allow-user-password-changes : true
    default-password-storage-scheme : Salted SHA-512
    deprecated-password-storage-scheme : –
    expire-passwords-without-warning : false
    force-change-on-add : true
    force-change-on-reset : true
    grace-login-count : 0
    idle-lockout-interval : 0 s
    java-class : org.opends.server.core.PasswordPolicyFactory
    last-login-time-attribute : –
    last-login-time-format : –
    lockout-duration : 0 s
    lockout-failure-count : 0
    lockout-failure-expiration-interval : 0 s
    max-password-age : 0 s
    max-password-reset-age : 0 s
    min-password-age : 0 s
    password-attribute : userPassword
    password-change-requires-current-password : false
    password-expiration-warning-interval : 5 d
    password-generator : Random Password Generator
    password-history-count : 7
    password-history-duration : 0 s
    password-validator : Attribute Value
    previous-last-login-time-format : –
    require-change-by-time : –
    require-secure-authentication : false
    require-secure-password-changes : false
    skip-validation-for-administrators : false
    state-update-failure-policy : reactive

    I hope anybody can help me.

    Best regards
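
Added example, not part of the original post and not ForgeRock code: a small model of how the two force-change settings in the policy above decide pwdReset, depending on which DN performs the password write. It assumes the directory treats a write by any DN other than the entry's own as an administrative reset (the behaviour described in the LDAP password policy draft); the DNs are constructed, and the connector binding with its own service account is an assumption about the setup.

```python
# Added example: simplified model with constructed DNs, not ForgeRock code.
# Subset of the policy table from the post (the settings that matter here).
POLICY_TEXT = """\
allow-user-password-changes : true
force-change-on-add : true
force-change-on-reset : true
password-attribute : userPassword
"""

def parse_policy(text):
    """Parse 'name : value' lines, as printed in the post, into a dict."""
    policy = {}
    for line in text.splitlines():
        name, sep, value = line.partition(" : ")
        if sep and name.strip():
            policy[name.strip()] = value.strip()
    return policy

def enabled(policy, name):
    return policy.get(name, "false").lower() == "true"

def norm_dn(dn):
    """Simplified DN comparison key: case-insensitive, no space around commas."""
    return ",".join(part.strip().lower() for part in dn.split(","))

def pwd_reset_after_write(policy, bind_dn, target_dn, is_add=False):
    """Return the pwdReset value the model expects after a password write.

    Assumption: a write by any DN other than the entry's own is an
    administrative reset; only a self-change clears the flag.
    """
    if is_add:
        return enabled(policy, "force-change-on-add")
    if norm_dn(bind_dn) == norm_dn(target_dn):
        if not enabled(policy, "allow-user-password-changes"):
            raise PermissionError("self password change not allowed by policy")
        return False
    return enabled(policy, "force-change-on-reset")

POLICY = parse_policy(POLICY_TEXT)
USER = "uid=jdoe,ou=People,dc=example,dc=com"            # constructed
CONNECTOR = "uid=idm-sync,ou=Services,dc=example,dc=com"  # hypothetical service account

if __name__ == "__main__":
    for who, dn in (("user bound as self", USER), ("connector account", CONNECTOR)):
        print(f"{who:20} -> pwdReset={pwd_reset_after_write(POLICY, dn, USER)}")
```

Under these assumptions, the identity that performs the write in the directory decides the flag, not who started the change upstream.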

©2021 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.