We have IDM 12.6.8 on WebLogic 12.1.3
Im working with the forgotten password task to give the users the ability to reset their Active Directory password. I need to configure IDM in a way that if a users fails on the verification page three times this would disable the user.
By default IDM offers this funcionality with minor configuration, the thing is that when i have the "Disable User" checkbox marked on the Forgotten password task search screen and the user fails 3 times, this disables the user on IDM but also on AD Endpoint. Apparently when i disable the user on IDM it syncs to AD.
Is there a way to configure IDM in order to NOT sync the "Disable/Enable User" Attribute to the AD Endpoint??
Thanks in advanced.
I believe you can do Modify Admin Task -> select your Forgotten Password task -> profile page.
You will see two flags: Sync User and Sync Accounts.
I believe that you can turn them off and that will take care of what you asked.