To get ready to support password self-service and user authentication in an Identity Manager user application, you need to know the following:
The password management features supported by an Identity Manager user application encompass user authentication and password self-service. When you put these features into use, they enable your application to:
Prompt for login information (user name and password) to authenticate against Novell eDirectory
Provide users with password change self-service
Provide users with forgotten password self-service (including prompting for challenge responses, displaying a password hint, or allowing a password change, as needed)
Provide users with challenge question self-service
Provide users with password hint self-service
Before you can use most of the password self-service and user authentication features, you need to do the following in eDirectory:
Enable Universal Password
Create one or more password policies
Assign the appropriate password policies to users
A password policy is a collection of administrator-defined rules that specify the criteria for creating and replacing user passwords. Novell Identity Manager takes advantage of NMAS (Novell Modular Authentication Service) to enforce password policies that you assign to users in eDirectory.
You can use Novell iManager to perform the required setup steps. For example, here’s how someone defined the DocumentationPassword Policy in iManager.
This password policy specifies:
Universal Password settings
Settings to deal with forgotten-password situations
Assignments that apply the policy to specific users
For more information on setting up Universal Password and password policies in eDirectory, see the Novell Identity Manager Administration Guide.