Policy Server GuidesPolicy Server Management GuideUser Session and Account ManagementManage User Accounts › Manage User Passwords

Previous Topic: Enable and Disable Users

Next Topic: Auditing User Authorizations
Manage User Passwords

The User Management dialog box enables you to force password changes for users, or change user passwords to new values.

If you are using the Password Must Change feature of SiteMinder’s Registration Services, you can force password changes from the User Management dialog box. However, a Password Policy must be defined. For information about password policies, see the SiteMinder Policy Design Guide.

Note: If you force a user to change passwords, and the user is accessing resources through an Agent that is not using an SSL connection, the user’s new password information will be received over the non-secure connection. To provide a secure change of passwords, set up a password policy that redirects the user over an SSL connection when changing passwords. For information on password policies, see the SiteMinder Policy Design Guide.

To manage user passwords

  1. Log into the Policy Server User Interface.
  2. From the menu bar of the SiteMinder Administration window, select Tools, Manage Users.
  3. The SiteMinder User Management dialog box opens.
  4. From the Directory drop-down list, select the user directory connection for the directory that contains the user for whom you want to manage passwords.
  5. Click the Search icon.

    The Policy Server displays the user directory search dialog box associated with the type of directory you selected from the Directory drop-down list.

    Note: For information about user directory searches, see the SiteMinder Policy Design Guide.

    Enter search criteria and execute a search for the user for whom you want to manage passwords.

    The User Management dialog box displays the users that match your search criteria.

  6. Select a user from the list of results.

    Note: You must select a single user from the list of search results.

  7. To force the selected user to change passwords on their next login, in the Password group box select the User must change password at next login check box.
  8. To change a user’s password to a new value, in the Password group box select the Change password to check box and enter the new password in the field. Re-enter the password in the Confirm Password field.

    Note: The password that you specify is not constrained by any password policy but it is recorded in the user's password history.

  9. Click Set.

    Your changes are saved.

  10. Click OK.

    Note: Be sure that a password policy exists before you force users to change passwords. If no password policy exists, users will not be able to change their passwords, and therefore will not be able to access protected resources. For more information, see the SiteMinder Policy Design Guide.