Chat now with support
Chat with Support

Identity Manager 8.0 - Identity Management Base Module Administration Guide

Basics for Mapping Company Structures in One Identity Manager Managing Departments, Cost Centers and Locations Working with Dynamic Roles Employee Administration
One Identity Manager Users for Employee Administration Basic Configuration Data for Employees Entering Employee Master Data Employee's Central User Account Employee's Central Password Employee's Default Email Address Disabling and Deleting Employees Assigning Company Resources to Employees Origin of an Employee's Roles and Entitlements Analyzing Role Memberships and Employee Assignments Mapping Multiple Employee Identities Limited Access to One Identity Manager Additional Tasks for Managing Employees Determining an Employee‘s Language Determining an Employee‘s Working Hours Employee Reports
Managing Devices and Workdesks Managing Resources Set up Extended Properties Appendix: Configuration Parameters for Managing Departments, Cost Centers and Locations Appendix: Configuration Parameters for Managing Applications Appendix: Configuration Parameters for Managing Devices and Workdesks Appendix: Authentication Modules for Logging into the One Identity Manager

Predefined Password Policies

Predefined Password Policies

You can customize predefined password policies to meet your own requirements, if necessary.

Password for logging into One Identity Manager

The password policy "One Identity Manager password policy" is used for logging into One Identity Manager. This password policy defined the settings for the system user passwords (DialogUser.Password and Person.DialogUserPassword) as well as the access code for a one off log in on the Web Portal (Person.Passcode).

The password policy "One Identity Manager password policy" is also labeled as the default and is used when no other password policy is found.

Password policy for forming employees' central passwords

An employee's central password is formed from the target system specific user accounts by respective configuration. The password policy "Employee central password policy" defines the settings for the central password (Person.CentralPassword).

IMPORTANT: Ensure that the password policy "Employee central password policy" does not violate the target system specific password requirements.

Password policies for target systems

A predefined password that you can apply to the user account password columns, is provided for every target system.

NOTE: When you update One Identity Manager version 7.x to One Identity Manager version 8.0, the configuration parameter settings for forming passwords are passed on to the target system specific password policies.

IMPORTANT: If you are not working with target system specific password policies, the default policy applies. In this case, ensure that the password policy "One Identity Manager password policy" does not violate the target system requirements.

Editing Password Policies

Editing Password Policies

To edit a password policy

  1. Select the category Employees | Basic configuration data | Password policies in the Manager.

  2. Select the password policy in the result list and select Change master data in the task view.

  3. Edit the password policy's master data.
  4. Save the changes.
Detailed information about this topic

General Master Data for a Password Policy

General Master Data for a Password Policy

Enter the following master data for a password policy.

Table 33: Master Data for a Password Policy

Property

Meaning

Display name

Password policy name. Translate the given text using the button.

Description

Spare text box for additional explanation. Translate the given text using the button.

Error Message

Custom error message outputted if the policy is not fulfilled. Translate the given text using the button.

Owner (Application Role)

Application roles whose members can configure the password policies.

Default policy

Mark as default policy for passwords.

NOTE: The password policy "One Identity Manager password policy" is marked as the default policy. This password policy is applied if no other password policies can be found.

Policy Settings

Policy Settings

Define the following settings for a password policy on the Password tab.

Table 34: Policy Settings

Property

Meaning

Initial password

Initial password for new user accounts. If no password is given when the user account is added or a random password is generated, the initial password is used.

Password confirmation

Reconfirm password.

Min. Length

Minimum length of the password. Specify the number of characters a password must have.

Max. length

Maximum length of the password. Specify the number of characters a password can have.

Max. errors

Maximum number of errors. Set the number of invalid passwords. If the user has reached this number the user account is blocked.

Validity period

Maximum age of the password. Enter the length of time a password can be used before it expires.

Password history

Enter the number of passwords to be saved. If the value '5' is entered, for example, the last 5 passwords of the user are saved.

Min. password strength

Specifies how secure the password must be. The higher the password strength, the more secure it is. The password strength is not tested if the value is '0'. The values '1', '2', '3' and '4' gauge the required complexity of the password. The value '1' demands the least complex password. The value '4' demands the highest complexity.

Name properties denied

Specifies whether name properties are permitted in the password.

Related Documents