Highlighted
L Pennington Super Contributor.
Super Contributor.
558 views

Password Policy enforcement

Has anyone implemented any password policy into ALM? We have requirements from security that they would like a policy enforced. ALM is hosted externally in cloud so cannot communicate with their LDAP server, nor can we use external authentication mechanism like SiteMinder as I can see that add-ons like Excel are not supported. 

So we are stuck with users able to choose any password they like (we have stopped blank ones from being chosen through workflow code), and there is no way to enforce them changing it.

I noticed Site Admin API can be used to create users etc, but I can't see any method to change password.

HP SaaS Site Administration have the portal that does all this so must be possible. Any ideas??

 

 

 

Tags (1)
0 Likes
2 Replies
L Pennington Super Contributor.
Super Contributor.

Re: Password Policy enforcement

Ignore my comment about there not being a password set method - I missed it in the list - SetUserProperty method.

http://alm-help.saas.hpe.com/en/12.53/api_refs/site_admin/webframe.html#topic100.html

Be interested to hear if anyone has built functionality around this though.

 

 

0 Likes
Knowledge Partner Knowledge Partner
Knowledge Partner

Re: Password Policy enforcement

There is a Site Parameter called DISABLE_PASSWORD_OTA_ENCRYPTION that you can add. If you set it to Y you are able to analyze or set the password from the workflow:

MsgBox TDConnection.Password

Jan Czajkowski

[Please do not contact me off line for receiving support. Use the forum!]
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.