Anonymous_User Absent Member.
Absent Member.
620 views

Forcing answer of challenge/response?


Is there a way for SSPR3 to force a user to enter their NMAS
Challenge/Response questions upon login? (like if they get taken to the
expired password page)?

Or is this pure NMAS setting?

Or a little of both?


--
kjhurni
------------------------------------------------------------------------
kjhurni's Profile: https://forums.netiq.com/member.php?userid=322
View this thread: https://forums.netiq.com/showthread.php?t=50335

0 Likes
4 Replies
Anonymous_User Absent Member.
Absent Member.

Re: Forcing answer of challenge/response?

Section 3.5.3 of the SSPR admin guide:

Force Response Setup
Select this check box to redirect users to configure challenge-response
when they log in. This setting enforces users to save responses if they do
not have stored responses yet.


--
Good luck.

If you find this post helpful and are logged into the web interface,
show your appreciation and click on the star below...
0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: Forcing answer of challenge/response?


ab;242412 Wrote:
> Section 3.5.3 of the SSPR admin guide:
>
> Force Response Setup
> Select this check box to redirect users to configure challenge-response
> when they log in. This setting enforces users to save responses if they
> do
> not have stored responses yet.
>
>
> --
> Good luck.
>
> If you find this post helpful and are logged into the web interface,
> show your appreciation and click on the star below...


But doesn't that only apply to the PWM challenge/response questions?
I'm talking about NMAS, as we don't use the PWM stuff (although
technically when you DO answer the questions SSPR writes to both).

It's just not clear in the docs if the settings apply to NMAS/LDAP or
the PWM attributes (some do, some don't).


--
kjhurni
------------------------------------------------------------------------
kjhurni's Profile: https://forums.netiq.com/member.php?userid=322
View this thread: https://forums.netiq.com/showthread.php?t=50335

0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: Forcing answer of challenge/response?


kjhurni;242413 Wrote:
> But doesn't that only apply to the PWM challenge/response questions?
> I'm talking about NMAS, as we don't use the PWM stuff (although
> technically when you DO answer the questions SSPR writes to both).
>
> It's just not clear in the docs if the settings apply to NMAS/LDAP or
> the PWM attributes (some do, some don't).
>
> Anyway, the setting is already enabled, and the user is not required to
> answer the questions.
> I went to do the Forgot my password for a test account, and SSPR came
> back with an error stating the answers hadn't been set.
> I'd previously logged in with an expired password.
>
> Guess I'll open another SR for this one.


Aha!

Apparently I have setup one too many of these servers (test,dev/prod and
3 different user sources) and forgot that this one was still at 3.0.0
codebase
patched to 3.0.0.2

and now it's working


--
kjhurni
------------------------------------------------------------------------
kjhurni's Profile: https://forums.netiq.com/member.php?userid=322
View this thread: https://forums.netiq.com/showthread.php?t=50335

0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: Forcing answer of challenge/response?


> Apparently I have setup one too many of these servers (test,dev/prod and
> 3 different user sources) and forgot that this one was still at 3.0.0
> codebase
> patched to 3.0.0.2
>
> and now it's working


Thx for the confirmation.

--
Good luck.

If you find this post helpful and are logged into the web interface,
show your appreciation and click on the star below...
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.