Chat now with support
Chat with Support

Identity Manager 8.2 - Operational Guide

About this guide Simulating data changes in the Manager Scheduling operations activation times Re-applying templates Exporting data with the Manager Analyzing data and data changes Analyzing process monitoring in the Manager Schedules in One Identity Manager Mail templates in One Identity Manager Password policies in One Identity Manager Working with change labels Checking data consistency Compiling a One Identity Manager database Transporting custom changes Importing data with the Data Import Importing and exporting individual files for the software update Creating a One Identity Manager database for test or development from a database backup Initializing DBQueue Processor the after extending the server hardware Command line programs

Predefined password policies

You can customize predefined password policies to meet your own requirements if necessary.

Password for logging in to One Identity Manager

The One Identity Manager password policy is applied for logging in to One Identity Manager. This password policy defines the settings for the system user passwords (DialogUser.Password and Person.DialogUserPassword) as well as the passcode for a one time log in on the Web Portal (Person.Passcode).

NOTE: The One Identity Manager password policy is marked as the default policy. This password policy is applied if no other password policy can be found for employees, user accounts, or system users.

For detailed information about password policies for employees, see the One Identity Manager Identity Management Base Module Administration Guide.

Password policy for forming employees' central passwords

An employee's central password is formed from the target system specific user accounts by respective configuration. The Employee central password policy defines the settings for the (Person.CentralPassword) central password. Members of the Identity Management | Employees | Administrators application role can adjust this password policy.

IMPORTANT: Ensure that the Employee central password policy does not violate the target system-specific requirements for passwords.

For detailed information about password policies for employees, see the One Identity Manager Identity Management Base Module Administration Guide.

Password policies for user accounts

Predefined password policies are provided, which you can apply to the user account password columns of the user accounts. You can define password policies for user accounts for various base objects, for example, for account definitions, manage levels, or target systems.

For detailed information about password policies for user accounts, see the administration guides of the target systems.

Using password policies

You can assign password policies to system user passwords, the employees' central password as well as passwords for individual target systems. Assign a password policy to the base object to which it should apply.

  • The predefined One Identity Manager password policy password policy is assigned to the (DialogUser.Password and Person.DialogUserPassword) system user passwords as well as the passcode of the employee (Person.Passcode).

  • The predefined password policy Employee central password policy is assigned to the employee's central password (Person.CentralPassword).

  • The password policies for target systems are assigned to the password columns of the user accounts.

For more information about password policies for employees, see the One Identity Manager Identity Management Base Module Administration Guide. For detailed information about password policies for user accounts, see the administration guides of the target systems.

NOTE:

  • In the QBMVPwdPolicyColumns view, you define which base objects and password columns are permitted for password policies and the order in which the password policies are to be applied. If necessary, you can add your own references to customize the view in the Designer.
  • If you create new custom tables with password columns, in the Designer, assign the VI.Common.Customizer.PwdPolicyColumnEntityLogic customizer to the table definition.

For more information, see the One Identity Manager Configuration Guide.

If you want to apply another password policy to the password columns, change the password policy assignment to the base object.

To change a password policy's assignment

  1. In the Designer, select the Base data > Security settings > Password policies category.

  2. Select the password policy in the result list.

  3. Select the Assign objects task.

  4. In the Assignments pane, select the assignment you want to change.

  5. From the Password Policies menu, select the new password policy you want to apply.

  6. Save the changes.

To reassign a password policy

  1. In the Designer, select the Base data > Security settings > Password policies category.

  2. Select the password policy in the result list.

  3. In the Assignments pane, click Add and enter the following data.

    Table 25: Assigning a password policy

    Property

    Description

    Password column

    The password column's identifier.

    Apply to

    Application scope of the password policy.

    To specify an application scope

    1. Click the ... button beside the input field.

    2. Select the table which contains the password column under Table.

    3. Select the specific base objects under Apply to.

    4. Click OK.

  4. Save the changes.

Editing password policies

Predefined password policies are supplied with the default installation that you can use or customize if required.

To edit a password policy

  1. In the Designer, select the Base data > Security settings > Password policies category.

  2. In the List Editor, select the password policy.

  3. Edit the password policy's main data.

  4. Save the changes.
Detailed information about this topic
Related topics

Creating password policies

Predefined password policies are supplied with the default installation that you can use or customize if required. You can also define your own password policies.

To create a password policy

  1. In the Designer, select the Base data > Security settings > Password policies category.

  2. Select the Object > New menu item to create a new password policy.

  3. On the main data form, enter the main data of the password policy.

  4. Save the changes.
Detailed information about this topic
Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating