Administrators or help desk personnel can set a user's Universal Password using a new task in iManager. The task shows the password rules for the Password Policy that is in effect for the user.
In iManager, click Password Management > Set Universal Password.
If the user has a password policy assigned, and Universal Password enabled, you are allowed to change the password using this task.
If the Advanced Password Rules are enabled in the policy, you see a list of rules that must be followed.
NOTE: If Universal Password is not enabled for a user, the Advanced Password Set task displays an error and the password is not changed. You must either assign a policy to the user and then return to this task, or change the user's NDS password using the eDirectory Administration > Modify Object task.
Create a password for the user, making sure it is compliant with all password rules that are displayed.
The Universal Password is changed for the user.
If Password Synchronization is set up in your environment, the user's new password is distributed to the connected systems that are configured to accept it.
NOTE: A security enhancement was added to NMAS 2.3.4 regarding Universal Passwords changed by an administrator. It works basically the same way as the feature previously provided for NDS Password. If an administrator changes a user's password, such as when creating a new user or in response to a help desk call, for security the password is automatically expired if you have enabled the setting to expire passwords in the Password Policy. The setting in the Password Policy is in Advanced Password Rules, named "Number of days before password expires (0-365)." For this particular feature, the number of days is not important, but the setting must be enabled.