Welcome Serena Central users! CLICK HERE
The migration of the Serena Central community is currently underway. Be sure to read THIS MESSAGE to get your new login set up to access your account.
Anonymous_User Absent Member.
Absent Member.
852 views

NetIQ IDM User Application and SSPR

Hello
Is it possible to use both UA and SSPR?
Can you the reset password functionality in UA to SSPR?

Thanks
0 Likes
5 Replies
Highlighted
Anonymous_User Absent Member.
Absent Member.

Re: NetIQ IDM User Application and SSPR

On 03/07/2014 04:45 AM, alekz wrote:
> Hello
> Is it possible to use both UA and SSPR?
> Can you the reset password functionality in UA to SSPR?


Sure. The UserApp lets you point to an external URL for forgotten
password stuff; just point to SSPR's page and you're set. Bonus:
configure SSPR to send users back to the UserApp whenever they logout to
avoid any confusion there on end users' parts.

--
Good luck.

If you find this post helpful and are logged into the web interface,
show your appreciation and click on the star below...
0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: NetIQ IDM User Application and SSPR


This is great and it work fine, but can you also force the user to set
their questions in SSPR from the initial login of UserApp or do you need
to have Access Manager to do that ?


--
bic9286
------------------------------------------------------------------------
bic9286's Profile: https://forums.netiq.com/member.php?userid=1334
View this thread: https://forums.netiq.com/showthread.php?t=50255

0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: NetIQ IDM User Application and SSPR


bic9286;246933 Wrote:
> This is great and it work fine, but can you also force the user to set
> their questions in SSPR from the initial login of UserApp or do you need
> to have Access Manager to do that ?


I think you need NAM, or some other software that can detect that
either:
a) the password has expired and send them to the SSPR instead of UA
or
b) detect if the attributes for challenge/response are empty and if so,
send over to SSPR

Normally, a brand new user has no challenge/response filled out. In a
lot of cases (but it's up to how your environment is configured), a new
user has an "admin" set password. We set ours to auto-expire so that the
user is forced to change it upon login.

IF you do that (force to change upon initial login), I believe both SSPR
and UA (depends on the version I think?) will force you to answer your
challenge/response questions and then set your password.

Although we found (at least if front-ending UA with NAM and having NAM
set to the UA for password expiration) that it's flaky as all get-out
for that, so we setup SSPR instead and find it much more reliable for
that.


--
kjhurni
------------------------------------------------------------------------
kjhurni's Profile: https://forums.netiq.com/member.php?userid=322
View this thread: https://forums.netiq.com/showthread.php?t=50255

0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: NetIQ IDM User Application and SSPR


Yep, I thought so...well in the mean time I did some configuration that
might be sufficient for my current customer.

I went to the configuration mode of SSPR (Settings --> Application) and
set the Foward URL to the UserApp login page anf the Logout URL to
UserApp Logout page.
Forward URL send's the user to this URL when he his done doing the
activity of adding the Q&A (Tested and was forwarded to the login page
after successfully add my answers)
Logout URL, well this is if the users logout from the SSPR application
(if he can get to it 🙂 (tested, I was sent to the UserApp logout
page)
And of course the Forget Password link in USerApp is pointing to SSPR so
that the user can reset their passwords (tested, did reset my password)

So I guess case close on my side…I know it is not the cleanness way to
do it, but it should meet the requirement I currently have (to not have
two portal to send the user to and not add Access Manager…)


--
bic9286
------------------------------------------------------------------------
bic9286's Profile: https://forums.netiq.com/member.php?userid=1334
View this thread: https://forums.netiq.com/showthread.php?t=50255

0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: NetIQ IDM User Application and SSPR

On 07/24/2014 07:04 AM, bic9286 wrote:
>
> This is great and it work fine, but can you also force the user to set
> their questions in SSPR from the initial login of UserApp or do you need
> to have Access Manager to do that ?


SSPR has a user activation feature that is probably best-suited for this.
During the onboarding process of a new user, have them go and claim their
account via SSPR, including setting a password and challenges, and then go
to the UserApp for the first time, rather than having them start out at
the UserApp. I think you'll find this feature really useful, and it's
very simple and powerful.

--
Good luck.

If you find this post helpful and are logged into the web interface,
show your appreciation and click on the star below...
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.