Symantec IGA

  • Private Community
 View Only
Back to discussions
Expand all | Collapse all

Tech Tip - CA Identity Manager: Create a Policy Xpress to force AD users to reset password on first login

  • 1.  Tech Tip - CA Identity Manager: Create a Policy Xpress to force AD users to reset password on first login

    Posted Sep 08, 2015 01:20 PM

    CA Identity Manager Tech Tip by Renato Pioker, Support Engineer for September 8th, 2015.

     

    Goal: create a Policy Xpress that ensures the new password to be set to the Active Directory user account, and also enforces the “User Must Change Password” flag after a Forgotten Password event.

    Steps to reproduce the Policy Xpress:

     

    1) Access the Modify Policy Xpress option;

    2) Find and open the desired Policy Xpress;

    3) Go to the Events tab, and make sure that the Policy is set to run after a ForgottenPasswordEvent:

    image001.jpg

     

    4) Go to the Data tab, and create a data field that grabs the user Full Name:

    image002.jpg

    5) Create a data field that grabs the user password:

    image003.jpg

    6) Go to the Action Rules tab, and create (or modify) an action rule to set the attributes into the AD account:

    image004.jpg

    image005.jpg

    image006.jpg

    7) Save the Policy and repeat the test to validate.



  • 2.  Re: Tech Tip - CA Identity Manager: Create a Policy Xpress to force AD users to reset password on first login

    Posted Oct 25, 2018 02:35 PM

    It does not run for IDM 14.2
    Any idea of the root cause?



  • 3.  Re: Tech Tip - CA Identity Manager: Create a Policy Xpress to force AD users to reset password on first login

    Posted Oct 25, 2018 03:32 PM

    We are running 14.1 SP5 and it works as expected. I dont know about 14.2. You may have to create a ticket with the support