Thursday, January 7, 2010

OAM Password Policies

This post outlines the password policies, user challenges in Oracle Access Manager that are possible OOTB.
Lost Password Policy: Lost Password Policy creation is used to challenge the user with registered questions at first login and followed by reset password.
Password Policy: Password Policy is used for specifying the Password Specifications (if any), Password validity period, Password History etc.,
The Change on Reset option enables user to change their password at their first login.
The following steps describe the usage of password reset, lost password management.
1. New User gets created in OAM without registering challenge questions.
2. New user attempts to login to OAM console.
3. OAM forces the user to change their password. Upon changing, user will have to register their challenge questions (either user defined or system defined).
4. Upon successful password reset and questions registration, user will be shown the OAM console.
5. User forgets their password and clicks Loss Password button.
6. User will be challenged with registered questions. After answering the questions correctly, user will be prompted to change their password.
7. User logs in to OAM console successfully and attempts to reset password.
8. User navigates to My Profile, clicks on Modify and enters the existing and new passwords.

Viewlet:
To see the viewlet of configuring the OAM password policies, drop me a mail.

5 comments:

  1. Hi Mahendra,
    I have a following requirment:

    I want to use OAM to change the password of the users. I have OVD and adapters in OVD which connects to taget systems (AD, OID and database).
    When I change the password of the user using OAM, will the password changes propogate to AD, OID and database via OVD or the password change will happen only in one of the target system via OVD.
    Please could you suggest.

    Regards,
    Neha

    ReplyDelete
  2. Hi Neha,

    To my knowledge if you have given the write permission in adapters of target systems, then password should be propagated to target systems as well. However, I just have this from my theoritical point of view, I would suggest you to raise a TAR with Oracle.
    HTH

    Thanks,
    Mahendra.

    ReplyDelete
  3. Hi,

    I am newbie to OAM.

    I have to login to oamconsole which is configured by someone. I have no idea about the credentials to login to OAM.

    Is there any file we can check to know the username and the way to reset the password of that user.

    Regards,
    Renne

    ReplyDelete
  4. Where does OAM 11G R2 store the password policy? Is it some configuration file or the database?

    Thanks!
    Salman

    ReplyDelete