24.2 Enabling Password Management

Use the Oracle Access Management Console to enable the Password Management service. The service is enabled as part of the configuration of the defined user identity store.

The Password Management feature is only supported when the identity store used is an LDAP directory.

  1. Log in to the Oracle Access Management Console as Administrator.
  2. Click Configuration at the top right of the Oracle Access Management Console.
  3. Click User Identity Stores in the Configuration console.
  4. Select the appropriate LDAP directory to enable Password Management.

    Alternatively, click Create to register a user identity store. See Managing Data Sources for details.

  5. Under Password Management, check Enable Password Management.
  6. Define the Password Management parameters and click Apply to save.

    Table 24-1 documents the parameters used for configuration.

Table 24-1 Password Policy Configuration Parameters

| Parameter | Description |
|---|---|
| Enable Password Management | Enables password management for this identity store. If password management is not enabled, the password plugin returns right away and the status is not captured. |
| Use Oblix Schema | If checked, the Oblix schema is used. If not, the Oracle Schema is used. |
| Global Common ID Attribute | This is the userid attribute used for password policy verification to make sure the password doesn't contain the user id attribute value. |
| First Name Attribute | This is the first name attribute used for password policy verification to make sure the password doesn't contain the first name attribute value. |
| Last Name Attribute | This is the last name attribute used for password policy verification to make sure the password doesn't contain the last name attribute value. |
| Email Address Attribute | This is the email attribute of the users in this identity store. It is used for password policy verification. |
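
The identity-attribute checks that Table 24-1 describes, as an added Python example that is not Oracle's code or part of the original documentation. The LDAP attribute names (`uid`, `givenName`, `sn`), the function name, the sample entry and the case-insensitive, Unicode-normalized matching are assumptions; the email attribute is left out because the table does not say how it is used.

```python
import unicodedata

# Maps the table's parameters to LDAP attribute names. The names on the right
# are assumptions (common inetOrgPerson attributes), not values from the page.
ATTRIBUTE_MAP = {
    "Global Common ID Attribute": "uid",
    "First Name Attribute": "givenName",
    "Last Name Attribute": "sn",
}


def _fold(text):
    """Normalize so fullwidth, upper-case and lower-case forms compare equal."""
    return unicodedata.normalize("NFKC", text).casefold()


def identity_values_in_password(password, entry, attribute_map=ATTRIBUTE_MAP):
    """Return the sorted parameter names whose value occurs in the password.

    entry is a dict of LDAP attribute -> str or list of str
    (LDAP attributes can be multi-valued).
    """
    folded_password = _fold(password)
    hits = set()
    for parameter, ldap_attr in attribute_map.items():
        values = entry.get(ldap_attr) or []
        if isinstance(values, str):
            values = [values]
        for value in values:
            needle = _fold(value).strip()
            # An empty value is a substring of every string; skip it so a
            # blank attribute does not reject every password.
            if needle and needle in folded_password:
                hits.add(parameter)
    return sorted(hits)


# Constructed sample entry, not taken from any real directory.
SAMPLE_ENTRY = {
    "uid": "jsmith",
    "givenName": ["Jane", "Janey"],
    "sn": "Smith",
    "mail": "jane.smith@example.com",
}

if __name__ == "__main__":
    for candidate in ("Summer-JSMITH-24", "janeRocks!9", "c0rrect-h0rse"):
        print(candidate, "->", identity_values_in_password(candidate, SAMPLE_ENTRY))
```

A blank or missing attribute in the directory entry is the case worth testing against any such rule: a naive substring test treats the empty string as contained in every password.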