Dear Guys,
Assume a case where where WC is not integrated with AD , and the pwd policy management policy (Pwd Auro-Expiration for 1 month ) is set up in Windchill-DS . When a users fails to change the pwd , his account is automatically locked. And it causes an over-head for the Admin tochange the pwd for the failed users(s) .. is there a way to downsize the effort ? meaning like sending mail with random pwd to the Users automatically after the pwd expiration ?
Any other suggestions or ideas pls ?
Regards,
Sriram Rammohan
Solved! Go to Solution.
WindchillDS is just a customized version of OpenDS (for Windchill 9.1, 10.0, and 10.1) or OpenDJ (10.2). Below are links to the documentation for these softwares:
OpenDS:
http://docs.oracle.com/cd/E19476-01/
OpenDJ:
https://wikis.forgerock.org/confluence/display/OPENDJ/OpenDJ+Documentation
These links contain more indepth info on the capabilities of the software than what is in the WindchillDS Admin Guide. You can take a look through the documentation to see if OpenDS/DJ is capable of what you're looking for.
Though, as far as I know, these softwares aren't capable of fully atuomating the procedure you describe. OpenDS/DJ do include a random password generator. But, I haven't been able to find a way to automatically trigger the random password generator every time a user's password expires. The other problem is sending the random password to the user. OpenDS/DJ can be configured to send out notifications to users letting them know of a password reset. And these emails can be confiured to include the values of certain attribues. But, the problem is that the value of the userPassword attribute is encrypted, so the password won't be sent in plain text.
You could automate this procedure by adding some of your own custom code. For example, OpenDS/DJ can be configured to send out JMX notifications on a password expiration. You could write something that listens for this JMX notification, and automaticaly runs a reset using the random password generator on that account. Then, it would take the random password returned by the reset, and send this out to the user.
WindchillDS is just a customized version of OpenDS (for Windchill 9.1, 10.0, and 10.1) or OpenDJ (10.2). Below are links to the documentation for these softwares:
OpenDS:
http://docs.oracle.com/cd/E19476-01/
OpenDJ:
https://wikis.forgerock.org/confluence/display/OPENDJ/OpenDJ+Documentation
These links contain more indepth info on the capabilities of the software than what is in the WindchillDS Admin Guide. You can take a look through the documentation to see if OpenDS/DJ is capable of what you're looking for.
Though, as far as I know, these softwares aren't capable of fully atuomating the procedure you describe. OpenDS/DJ do include a random password generator. But, I haven't been able to find a way to automatically trigger the random password generator every time a user's password expires. The other problem is sending the random password to the user. OpenDS/DJ can be configured to send out notifications to users letting them know of a password reset. And these emails can be confiured to include the values of certain attribues. But, the problem is that the value of the userPassword attribute is encrypted, so the password won't be sent in plain text.
You could automate this procedure by adding some of your own custom code. For example, OpenDS/DJ can be configured to send out JMX notifications on a password expiration. You could write something that listens for this JMX notification, and automaticaly runs a reset using the random password generator on that account. Then, it would take the random password returned by the reset, and send this out to the user.
Thanks a lot for the details & suggestion Chris , Lots of take aways for me from your post
Sriram R
Chris,
What about sending out a warning to the users before the password expires? It looks like WindchillDS should be able to do that, but I haven't been able to get it to work... Is it possible?
-marc
CAD / PLM Systems Manager
Yes, it's possible to configure WindchillDS to send out email notifications on password policy events. See the below article for instructions:
https://support.ptc.com/appserver/cs/view/solution.jsp?n=CS125304