Sun OpenSSO Enterprise 8.0 Integration Guide

Configuring the Identity Manager Password Controls

When the Identity Manager password controls are configured for administrator-initiated password reset, the following occur:

ProcedureTo Configure the Identity Manager Password Controls

  1. Log in to Identity Manager as an administrator.

  2. Navigate to the Configure tab.

  3. Click on the link "Form and Process Mappings.”

  4. Search for the entry "endUserChangePassword. "

    In the text field, replace "End User Change Password Form" with "Basic Change Password Form.”

  5. Save the changes.

ProcedureTo Test the Identity Manager Password Control Configuration

  1. Login to Identity Manager as a regular user .

  2. Under the "Profile" tab, go to the "Change password" page.

    You should see that SunAccessManagerRealm requires the old password.

  3. Enter the user's the old password, the new password, and confirmation of the new password,

    The user's password should be set in the Directory Server user data store as a "self-change” instead of am "admin-change.” This is especially important if the pwdMustChange or passwordMustChange attributes had been earlier set on the user's profile on the Directory Server. If the self-change configuration is not implemented, when the user logs back into OpenSSO Enterprise, the user will be asked to change his password again