Agent GuidesWeb Agent GuideManage Password ServicesFCC Password Services and URL Query Encryption › How to Enable User-Initiated Password Changes with FCCs

Previous Topic: How to Enable User-Initiated Password Changes when using the SiteMinder X.509 Certificate and Basic Authentication Scheme

Next Topic: How to Enable User-Initiated Password Changes with FCCs (SecureURLs=Yes)
How to Enable User-Initiated Password Changes with FCCs

You can configure the FCC Password services features of SiteMinder to allow users to change their own passwords whenever they want.

Note: Use the following process only if your SiteMinder Web Agent configuration also has the value of the SecureURLs parameter set to no.

To enable user-initiated password changes with FCCs, use the following process:

  1. Confirm that your user directory contains attributes that support Password Policies.
  2. Use the Policy Server User Interface to do the following tasks:
    1. Create an FCC-based password policy and protect the resources you want.
    2. Configure the password policy to allow authorized users to change their passwords.
  3. Create a password change URL in your FCC form that includes the following parts:
  4. Embed the URL as a link in one or more unprotected web pages, as shown in the following example: 
    <a href="http:logonserver.example.com/siteminderagent/forms/smpwservices.fcc?SMAUTHREASON=
34&SMAGENTNAME=$$smencode(smagentname)$$&TARGET=$$smencode(target)$$">Change Password</font></a>
  5. Test the password change function with the following steps:
    1. Display a web page that has the password change link you created in Step 3.
    2. Click the password change link.

      The password change form appears.

    3. Fill out the password change form and submit it.

      If the password change is successful, a confirmation page appears, and shows a link to the protected target resource.

    4. Click the link and ensure that the resource appears.
    5. Close and re-open your browser. Try to access the protected resource using your new password.

      If you can access the resource with your new password, the password change is successful.