返回
-
标题
How To: Disable manual editing of generated password field in Active Roles -
说明
This article explains how to disable manual editing of generated password field in Active Roles. -
解决办法
Complete the following steps below to prevent users from selecting the password field and entering their own password manually, and to make the Generate password button the only option.
- Create a custom Password Generation Script under Configuration | Policies | Administration | Builtin (create a new Provisioning Policy) There is a known issue with making a copy of this policy, please follow these steps here: Defect ID# 91662
- Open the new policy by double-clicking it, and selecting the Policies tab
- Double click the Policy Object Script Module
- Under the Parameter tab
- Select the *Disable Manual Edit and select the Edit... button at the bottom of this screen and change the Value to True
- Select OK to save the changes
- Select the Scope tab and select the Scope... button
- Scope the Password Generation Script to Active Directory (AD) or specific Organizational Units (OU)
- Test the changes on the Active Roles Web Interface and verify that the field is deactivated from being selected and that the Generate button is the only option for password generation
NOTE: The *Disable Manual Edit option on the Parameters tab is new to 7.4.4. When upgrading from a version prior to 7.4.4, the Generate User Password - PowerShell script is updated when upgrading. For versions 7.4.1 and 7.4.3, please consult One Identity Support.
