With setting the parameters Identity.Listener.Enable and Notification.Expire.Time in file identity-mgt.properties of WSO2IS the expire time of all users passwords are set. An user will be locked if the password passes this expire time. The user can be unlocked with the admin user of a tenant.
So, also the admin user can be lockef if the password expires. Nor the password of the admin nor the password of other locked users can be unlocked anymore. Or, does the setting Notification.Expire.Time not affect the Admin user at all, and the Admin is never locked on this parameter?
In case the Admin can also be locked, which feature does WSO2IS offer for unlocking the admin user of a tenant?
There is no way to lock admin user or tenant admin users. You can configure above settings mentioned in question, but it doesn't affect the admin users.
Related
In our SonarQube instance we have recently enabled LDAP authentication. Prior to LDAP integration the users were manually created. It so happened some of the users were created using the same LDAP user ID and custom password.
Now when LDAP is integrated we want all users use the LDAP ID/pass instead of previously manually created ID/password. SonarQube login works with manually created password rather than LDAP password. So how do remove the manually created users and only activate the LDAP users?
PS: I dont see the option to delete but only to de-activate
As replied by Jeroen Heier in comments, removing users from Administration > Security > Users will allow you to reuse the login of the removed user with an LDAP account.
If it's not the case, please describe what you're doing.
While I'm concerned with the deletion of an account... why can't you re-activate a user if you de-activated them through the UI. This is incredibly painful if a user was accidentally deactivated.
When I create another admin user, how can he change password. I disallow 'Administrators' permissions since he can make him self SuperAdmin. Without that he cannot change his profile, like password. Is there a way to have better control on Administrators.
Use password reminder option from a login screen. There's no "user profile" functionality for each administrator separately.
On appfuse (http://appfuse.org/display/APF/Demos), an Administrator can add users. When adding a new user, the administrator can set "Password Hint" for the user being added, but not the user's actual password. When the user comes to login, how will the user know his exact password, my question is?
When administrator add some user, they only filled the the password hint.
And the password will be sent to user's email that has been registered.
i want to customize login in Liferay 6.2. I've internal liferay users and ldap users. All users have a record in liferay user_ table. The differences are: internal users must change password at first login and see password reminder question.
Ldap users make only login with their password.
Acutally Liferay ask to ldap users to change their password and set password reminder question. These users change password but at next login, login is possible by old ldap password (correct). Liferay must not write in ldap.
How can i remove password change and password reminder question for ldap user?
There's a password policy that you can set per organization. If you introduce a new organization for each of the groups (or just one might suffice as well) you can have individual password policies per organization.
In Password policies you can configure quite a lot of stuff, e.g. should passwords be changed on first login etc. You can also select the "LDAP Password Policy" in the LDAP configuration screen. I'm rarely working with password policies, thus it's hard to give detailed directions - let me know if this is sufficient or if you need more detailed pointers
I am using Active Admin in my Rails Application. I have been able to set it up and use default user but I cannot add new User. When I go to Add New Admin User it lets me put in a username but never sends the email to setup a password. How does Active Admin send the default email out of a development configuration to be able to setup a password for my users?
Active Admin, by default, uses Devise for authentication. If you enable :confirmable it'll email that user to verify the creation of their account. You can read details on enabling :confirmable on an existing setup here: https://github.com/plataformatec/devise/wiki/How-To%3a-Add-%3aconfirmable-to-Users