Policy Server Guides › Policy Server Configuration Guide › Password Policies › User-initiated Password Changes › Add a Change Password Link › Allow Specific Users to Change Their Passwords in CGI
Allow Specific Users to Change Their Passwords in CGI
If you want to allow only certain users to change their own passwords, complete the following procedure.
To allow specific users to change their passwords
- Modify the permissions for the PWLogin.template file:
- Navigate to the following location:
web_agent_installation_dir/pw
where web_agent_installation_dir is the installed location of the Web Agent.
- In File, Properties, deselect the read-only attribute.
- Edit the text in the PWLogin.template file:
- Open PWLogin.template in a text editor.
- Add the following line to the template at an appropriate location:
<a href="/siteminderagent/pwcgi/smpwservicescgi.exe?
SMAUTHREASON=34&TARGET=$$TARGET$$">Change Password</a>
- Save the file.
- Access the Administrative UI.
- Create an Authentication Scheme with the following settings:
- Server Name: The name of the server where the Password Services CGI resides. For example:
myserver.mycompany.org
- Target: /siteminderagent/pwcgi/smpwservicescgi.exe
- Optionally, create a new policy domain.
The policy domain should include the user directory that contains the users that are allowed to change their own passwords.
If you do not create a new policy domain, select an existing policy domain.
- Create a realm that specifies the directory that you are protecting. In the Authentication Scheme list box, select the authentication scheme you created in step 4.
- Create a rule under the realm that specifies the resource(s) that you are protecting.
Note: If you create a rule that specifies all of the resources (*) in the directory that you are protecting, you do not have to create separate rules for localized Password Services.
- Create a policy that binds the rule you created and the users/groups who are allowed to change their passwords.