Anonymous_User Absent Member.
Absent Member.
781 views

SSPR forgotten password problem


Hi all,

We are using SSPR for password reset for eDirectory users and for the
forgotten password part we use Challenge/Responses.

The problem we are facing is when a user correctly answers the
challenges, the nspmDistributionPassword is randomly generated in
eDirectory before the user sets the password. After that the user is
redirected to the "Change Password" page.

The log below shows the modify nspmDistributionPassword before the
user's types the new password

<nds dtdversion="4.0" ndsversion="8.x">
<source>
<product edition="Advanced" version="4.0.1.0">DirXML</product>
<contact>Novell, Inc.</contact>
</source>
<input>
<modify cached-time="20130611085924.124Z" class-name="User"
event-id="N448D-NDS#20130611085924#1#1:24782d4e-e9f3-4e78-bd36-6a59de58f5a5"
qualified-src-dn="O=CSW\OU=Persons\OU=DE\OU=Tmp\CN=jdoe"
src-dn="\IDV\CSW\Persons\DE\Tmp\jdoe" src-entry-id="68087"
timestamp="1370941164#8">
<modify-attr attr-name="nspmDistributionPassword"><!-- content
suppressed -->
</modify-attr>
<operation-data opNotificationId="John_DOE"/>
</modify>
</input>
</nds>


Do you have an idea to solve the problem? We want the event on
nspmDistributionPassword only when the user sets a new password.

Thanks in advance.


--
bensalem
------------------------------------------------------------------------
bensalem's Profile: https://forums.netiq.com/member.php?userid=391
View this thread: https://forums.netiq.com/showthread.php?t=47932

0 Likes
1 Reply
Anonymous_User Absent Member.
Absent Member.

Re: SSPR forgotten password problem

SSPR does not randomly set passwords as far as I know, and the trace below
looks like it from Identity Manager. The logic used to cause this event,
though, is not present, and should be posted along with a thread on the
topic of passwords being randomly generated in the IDM engine-drivers
forum. The full trace is recommended, and including the policy that does
the randomization would be good as well.

Good luck.
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.