Chat now with support
Chat with Support

Identity Manager 8.1.4 - Operational Guide

About this guide Simulating data changes in the Manager Scheduling operations activation times Re-applying templates Exporting data with Manager Analyzing data and data changes Analyzing process monitoring in the Manager Schedules in One Identity Manager Mail templates in One Identity Manager Password policies in One Identity Manager Working with change labels Checking data consistency Compiling a One Identity Manager database Transporting custom changes Importing data with Data Import Importing and exporting individual files for the software update Command line programs

Password expiry

Employee and system user based authentication modules support password expiry. The columns Person.PasswordLastSet and DialogUser.PasswordLastSet contain the time and date that the password was last changed.

There are different ways to inform employees that their password is going to expire:

  • Users are alerted about their password expiring when they log in to One Identity Manager and can change their password if necessary.
  • For employee-based authentication modules, the system sends reminder notifications in relation to expiring passwords as of seven days in advance of the password expiry date.
    • You can adjust the time in days in the Common | Authentication | DialogUserPasswordReminder configuration parameter. Edit the configuration parameter in the Designer.
    • The notifications are triggered in accordance with the Reminder system user password expires schedule and use the Employee - system user password expires mail template. You can adjust the schedule and mail template in the Designer if required.

TIP: To prevent passwords expiring for service account, for example, you can set Password never expires (DialogUser.PasswordNeverExpires) in the Designer for the affected system users.

For detailed information about the One Identity Manager authentication modules and about editing system users, see the One Identity Manager Authorization and Authentication Guide.

Related topics

Displaying locked employees and system users

If a user has reached the number of maximum failed logins, the employee or system user can no longer log in to One Identity Manager.

  • Locked employees are displayed in the Manager in the Employees | Locked employees category. An additional message referring to the locked login is also displayed on the overview form for an employee.

  • Locked system users are displayed in the Designer in the Permissions | System users | Locked system users category. An additional message referring to the locked login is also displayed on the overview form for a system user.

You can reset the passwords of employees and system users who have been blocked in Password Reset Portal. For more detailed information, see the One Identity Manager Web Portal User Guide.

Working with change labels

Define change labels under which changes are grouped together in order to swap data between development and test databases as well as the productive database.

Change labels contain changes to individual properties of an object at a certain point in time.

IMPORTANT: Consistently book all changes to an object to the change label. It is not possible to add changes of individual properties to the change label at a later date.

In the Database Transporter program, change labels are provided as an export criterion for creating custom configuration packages. When you create a custom configuration package, single object properties are added to the transport package. The properties contain the values given at the time they were added.

You can create and edit change labels in different One Identity Manager tools. The procedure is similar in all tools. Change labels are allocated using different methods depending on the One Identity Manager tool. Changes are normally allocated before or on saving the changes in the database.

Detailed information about this topic

Creating and editing change labels

NOTE: To use change labels in the Manager, the Manager must be running in expert mode.

To create or edit change labels in the Designer

  1. Select Database | Change management in the Designer.
  2. In the Change management dialog next to the Change labels menu, click .
  3. In the Change labels dialog, create a new change label by clicking .

    - OR -

    Select a change label from the list and open the edit view using .

  4. Enter the following label data.
    Table 32: Change label properties
    Property Meaning

    Change label

    Change label name. This name is used to select the change label for allocating the changes or creating a customer transport package.

    Description

    Detailed description of the change label

    Parent change label

    Specifies a parent label (optional).

    Status

    Status of object changes, such as Development, Test, Production.

    Status comments

    Additional comments in relation to the status

    Comment

    Additional information to enable tracking of changes to a change label

    Label type

    Label type for more detailed classification Permitted values are Change, Other, IT Shop, Keyword and Release. The Change label type is used by default.

    Locked

    Indicates if the change label is locked. If a change label is locked, no further changes can be booked to this label.

  5. Click the button.
  6. Click OK.

    The Change label dialog closes. The change label is pre-selected in the Change management dialog in the Change label menu.

Related topics
Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating