This section describes built-in activities that provide core actions of the self-service workflows, such as Reset password, Unlock account, and so on.
This section describes built-in activities that provide core actions of the self-service workflows, such as Reset password, Unlock account, and so on.
This activity is a core activity of the My Questions and Answers Profile workflow. Use this activity to enable users to create and update their Questions and Answers profiles.
You can also use this activity in the Forgot My Password and Unlock My Account workflows, if you want to force users to update their Q&A profiles after they reset passwords or unlock their accounts. When you use this activity in the Forgot My Password and Unlock My Account workflows, select the Run this activity only if user’s Q&A profile should be updated check box to make users update their Q&A profiles only if the profiles are not compliant with the current requirements.
The activity has the following settings:
Run this activity only if user’s Q&A profile should be updated: When you use this activity in workflows other than My Questions and Answers Profile, for example, in Forgot My Password and Unlock My Account workflows, select this check box to make users update their Q&A profiles only if the profiles are not compliant with the current Q&A policy.
This is a core activity of the Forgot My Password workflow. The activity allows users to reset passwords in AD LDS instances. If you want to enable users to reset passwords in several systems, configure the Reset password in AD LDS and connected systems activity. For more information on configuring this activity and using One Identity Quick Connect Sync Engine, see Reset Password in AD LDS and Connected Systems.
In this activity you can configure the Enforce password history option. Password history determines the number of unique new passwords that have to be associated with a user account before an old password can be reused.
Before selecting this option, you should consider the following by-design behavior of Password Manager when that the Enforce password history option is enabled:
Password Manager uses two slots from the password history every time a password is reset. For example, if the password history value defines that users cannot reuse any of the last 10 passwords, then Password Manager checks only the last five passwords. Therefore, One Identity recommends that you double the password history value. For example, if you want to prevent users from using the last 10 passwords, enter the value 20.
Having entered a new password that is not policy compliant, users may end up with a randomly generated password that they do not know.
The Use auto generated password option enables HelpDesk users to generate a new password during password reset process.
The Use manual password option enables HelpDesk users to reset the password manually.
This is a core activity of the Manage My Passwords workflow. The activity allows users to change passwords in AD LDS instances. If you want to enable users to change passwords in several systems, configure the Change password in AD LDS and connected systems activity. For more information on configuring this activity and using One Identity Quick Connect Sync Engine, see Change Password in AD LDS and Connected Systems.
Run this activity only when user must change password at next logon: Select this check box when you use this activity in workflows other than Manage My Passwords. By using this option you can force users who are required to change password at next logon to change password while performing other tasks on the Self-Service Site.
For example, if you add the Change password in AD LDS activity with this option selected to the My Questions and Answers Profile workflow, you will force users who are required to change password at next logon to change password when creating or updating their Q&A profiles.
© 2024 One Identity LLC. ALL RIGHTS RESERVED. Terms of Use Privacy Cookie Preference Center