“pwdReset” attribute in OpenDJ is not changed by OpenIDM


This topic has 0 replies, 1 voice, and was last updated 4 months, 1 week ago by HichamLabra.

  • #27761
     HichamLabra
    Participant

    Hello community,

    I have a problem that I need help with. My use case is: when a new user is added to DJ by an administrator, the user is required to reset his password at initial login. This also applies when an administrator resets a user’s password. The problem is that IDM does not set the pwdReset attribute in DJ to false for a user-initiated password reset, so the user can log in normally. On the contrary, with an implicitSync, the pwdReset is set to true.

    I have installed IDM 6.5.03 and DJ 6.5 on my virtual machine. Both systems can communicate with each other. Up to now, IDM has configured the user self-service functionality, bidirectional synchronization to the DJ and a connector. The following password policy has been configured in DJ:

    Property : Value(s)
    ------------------------------------:------------------------------------
    account-status-notification-handler : –
    allow-expired-password-changes : true
    allow-multiple-password-values : false
    allow-pre-encoded-passwords : false
    allow-user-password-changes : true
    default-password-storage-scheme : Salted SHA-512
    deprecated-password-storage-scheme : –
    expire-passwords-without-warning : false
    force-change-on-add : true
    force-change-on-reset : true
    grace-login-count : 0
    idle-lockout-interval : 0 s
    java-class : org.opends.server.core.PasswordPoli
    : cyFactory
    last-login-time-attribute : –
    last-login-time-format : –
    lockout-duration : 0 s
    lockout-failure-count : 0
    lockout-failure-expiration-interval : 0 s
    max-password-age : 0 s
    max-password-reset-age : 0 s
    min-password-age : 0 s
    password-attribute : userPassword
    password-change-requires-current-password : false
    password-expiration-warning-interval : 5 d
    password-generator : Random Password Generator
    password-history-count : 7
    password-history-duration : 0 s
    password-validator : Attribute Value
    previous-last-login-time-format : –
    require-change-by-time : –
    require-secure-authentication : false
    require-secure-password-changes : false
    skip-validation-for-administrators : false
    state-update-failure-policy : reactive

    I hope somebody can help me.

    Best regards
    Hicham
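
The policy listing in the post can be checked mechanically. The following is an added example, not code from the post or from ForgeRock: it parses a property listing of that shape (including the wrapped java-class row) and models when the pwdReset flag would be expected to be true. The rule in `expected_pwd_reset` is an assumption: it treats any password write made by an identity other than the user, such as a connector's bind account, as a reset.

```python
import re

# Constructed sample: a few rows taken from the listing in the post, including
# the wrapped java-class value (the continuation row has an empty name column).
SAMPLE = """\
Property                            : Value(s)
------------------------------------:------------------------------------
allow-user-password-changes         : true
force-change-on-add                 : true
force-change-on-reset               : true
java-class                          : org.opends.server.core.PasswordPoli
                                    : cyFactory
max-password-reset-age              : 0 s
"""

def parse_policy(text):
    """Parse 'name : value' rows; a row with an empty name continues the previous value."""
    props, last = {}, None
    for line in text.splitlines():
        if ":" not in line or re.fullmatch(r"[-\u2014\u2013:\s]*", line):
            continue  # blank line or separator rule (plain or typographic dashes)
        name, value = (part.strip() for part in line.split(":", 1))
        if name == "Property":
            continue  # header row
        if not name and last:
            props[last] = (props[last] or "") + value  # rejoin a wrapped value
        elif name:
            props[name] = None if value in ("-", "\u2013") else value  # dash = unset
            last = name
    return props

def expected_pwd_reset(policy, event, by_self):
    """Modelled rule (assumption, see lead-in): an add or a change by another
    identity follows force-change-on-add / force-change-on-reset; a change made
    under the user's own identity clears the flag."""
    if event == "add":
        return policy.get("force-change-on-add") == "true"
    if event == "change":
        return (not by_self) and policy.get("force-change-on-reset") == "true"
    raise ValueError(f"unknown event: {event}")
```

Under this model, a password write that reaches the directory through a service account gives `expected_pwd_reset(policy, "change", by_self=False)`, which is true for the policy shown, whatever triggered the write upstream.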


©2020 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.
