立即与支持人员聊天
与支持团队交流

Identity Manager 9.1.2 - Web Designer Web Application Configuration Guide

About this guide Configuring the Web Portal WebAuthn security keys Configuring the Application Governance Module Configuring the Password Reset Portal Recommendations for secure operation of web applications

Defining password dependencies

By defining password dependencies, you specify which passwords are managed through the central password.

Table 14: Script for declaring passwords

Script

Description

QER_PasswordWeb_IsByCentralPwd

By default, the script checks whether "QER | Person | UseCentralPassword"
is set. If the configuration parameter is set, the employee's central password is mapped to the password column of the employee's user account. A user account must be linked to the current user, it cannot be a privileged account. The script can be overwritten.

To define password dependencies

  1. Open the Designer.
  2. Search QER_PasswordWeb_IsByCentralPwd.
  3. Use "QER_PasswordWeb_IsByCentralPwd" as the basis for an overrideable script with the following parameters.
    1. Current user's UID_Person.
    2. Object's key (ObjectKey) offered for password reset.
    3. Password's column name.

    Using this input parameter, the script must return the information regarding whether or not a password is managed by the central password.

  4. Save the setting in the Designer.
  5. Compile the Password Reset Portal.

Setting a central password

The central password is set separately from other password to prevent problems.

Once at least one of the logged in user's passwords is managed by the central password, two options are provided after authentication.

  1. Setting the central password
  2. Setting one or more passwords

If setting one or more passwords, it is possible to set a password managed by the central password. If you want to prevent this, you can exclude the password from being reset.

For more information, see Excluding passwords from being reset.

Configuring checks for all passwords

Once a user has changed their central password and the user account is linked to other target system accounts, the password can be checked against all the password policies of the connected target systems.

To configure checks for all passwords

  1. Start the Designer program.

  2. Connect to the relevant database.

  3. Set the QER | Person | UseCentralPassword | CheckAllPolicies configuration parameter.

    NOTE: For more information about editing configuration parameters in the Designer, see the One Identity Manager Configuration Guide.

Setting up a new application token

You can set a new application token using WebDesigner.ConfigFileEditor.exe.

To set a new application token

  1. In the One Identity Manager installation directory, start WebDesigner.ConfigFileEditor.exe.
  2. Ensure that QER_PasswordWeb is set as the web project.
  3. Click next to Application token exists.
相关文档

The document was helpful.

选择评级

I easily found the information I needed.

选择评级