Setting users can only manage their own passwords, and cannot manage passwords of other users

Idea ID 2689857

Setting users can only manage their own passwords, and cannot manage passwords of other users

Dear All,

After OO10.X, users cannot manage their passwords reasonably.


For example, users' passwords can be managed via "Manage Security Configuration" Permission.
1. Have "Manage Security Configuration" permission
Users can change their own and other user's passwords, which is not safe for other users.

2. No "Manage Security Configuration" permission
Users cannot change their own passwords, passwords can only be changed by users who have "Manage Security Configuration" permission, and users lose the right to set their own passwords.

In the 9.X version, there is no such restriction, so the customer hopes that after 10.X, the management of the user password can be more friendly, and the user can change his or her own password without changing other users' password.

 

Thanks,
Tian

5 Comments
Valued Contributor.
Valued Contributor.

Yes, I agree!  So much in 10.x has now gone to an all or nothing permissions type model that is completely changing everything in a bad way.  Users/Customers can no longer control many of the aspects they used to be able to in 9.x and it is causing more and more admin overhead for everyone!

Please make things as granular as they were in 9.x so we can hand over much of the administration tasks back to the groups where it belongs.

 

 

Respected Contributor.
Respected Contributor.

Dears,I think this is a very important feature about security.

Could anyone can check this request.

Thanks

Micro Focus Frequent Contributor
Micro Focus Frequent Contributor
Status changed to: Waiting for Votes

Changing status to Waiting for Votes to get community feedback

Micro Focus Frequent Contributor
Micro Focus Frequent Contributor
Status changed to: Declined

Given the low community support on this idea we are declining it for now.

The user management experience will evolve in the next releases to a new solution that will address also these concerns.

Acclaimed Contributor.
Acclaimed Contributor.

Some legacy features should have been provided as they were basic user management related. Particularly in larger deployments.

Hopefully as stated it will be addressed in upcoming releases.

The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.