Previous Topic: Enable and Disable UsersNext Topic: Auditing User Authorizations

Policy Server GuidesPolicy Server Administration GuideUser Session and Account ManagementManage User Passwords

Manage User Passwords

The Manage User Accounts pane in the Administrative UI enables you to force password changes for users, or change user passwords to new values.

Be sure that a password policy exists before you force users to change passwords. If no password policy exists, users will not be able to change their passwords, and therefore will not be able to access protected resources.

If you force a user to change passwords, and the user is accessing resources through an Agent that is not using an SSL connection, the user’s new password information will be received over the non-secure connection. To provide a secure change of passwords, set up a password policy that redirects the user over an SSL connection when changing passwords.

Follow these steps:

  1. Log into the Administrative UI.
  2. Click Administration, Users, Manage User Accounts.
    The Manage User Accounts pane opens.
  3. Select the user directory connection for the directory that contains the user for whom you want to manage passwords.
  4. Click the Search icon.

    The Policy Server displays the user directory search dialog box associated with the type of directory you selected from the Directory drop-down list.

  5. Enter search criteria in the Users/Groups group box and click GO to execute a search for the user you want to enable or disable. The search criteria is determined by the type of user directory you selected. You can either enter an attribute and a value, or enter an expression. You can click Reset to clear the search criteria.

    The Policy Server displays search results in the Users/Groups group box.

  6. Select a single user from the list of results.
  7. To force the selected user to change passwords on their next login, click Force Password Change in the Reset User's Password group box.
  8. To change a user’s password to a new value, enter a new password in the Change user's password group box. Re-enter the password to confirm.

    Note: The password that you specify is not constrained by any password policy but it is recorded in the user's password history.