Sun Identity Manager 8.1 Business Administrator's Guide

Procedure: To Expire Passwords Using the Identity Manager Account Policy

When you reset a user password, the password is immediately expired by default. Consequently, the first time users log in after a password reset, they must select a new password to gain access. You can edit the Reset User Password form to override this default, so that the user's password expires according to the expire password policy set in the Identity Manager Account Policy associated with that user.

Use the following process to override the default change-password requirement:

  1. Edit the Reset User Password form and set the following value to false:

    resourceAccounts.currentResourceAccounts[Lighthouse].expirePassword

  2. Use the Reset option in the Identity Manager Account Policy to specify when a password expires.

    The settings include:

    • permanent. Identity Manager uses the time period specified in the passwordExpiry policy attribute to calculate the relative date from the current date when the password is reset, and then sets that date on the user. If no value is specified, the changed or reset password never expires.

    • temporary. Identity Manager uses the time period specified in the tempPasswordExpiry policy attribute to calculate the relative date from the current date when the password is reset, and then sets that date on the user. If no value is specified, the changed or reset password never expires. If tempPasswordExpiry is set to a value of 0, then the password is expired immediately.

      The tempPasswordExpiry attribute applies only when passwords are reset (randomly changed). It does not apply to password changes.