Not sure where to post questions for Self Service Password Reset
(https://www.netiq.com/documentation/sspr20/) questions.... so please
forgive if not here.


We currently use IDM UserApp Forgotten Password / Password Self
Service, but because it stores the password challenge responses in "Tree
certificate" encrypted attributes (sasLoginSecret), we cannot
synchronize these responses to another Tree to be used by another
instance of a UserApp.

We really want to maintain usage of Client Login Extensions from the
workstation to invoke Password Self Service from a workstation that has
not been logged into, and the user needs a password reset. However, we
also need to be able to have a solution where a user could access any 1
of 3 Trees' Password Self Service, and we cannot depend on the user to
go to three different UserApps initially and populate all 3 with the
same responses to the challenge questions.

So... that brings us to Self Service Password Reset 2.0. It looks
like we could use encrypted eDirectory attributes to store the challenge
responses in, and synchronize to another tree. Thus, allowing us to
deploy 3 Trees, with 3 instances of Self Service Password Reset, and
have them all function identically to the user.

Are there any plans to introduce Client Login Extensions to work
against the Self Service Password Reset 2.x ?? 3.x ??

We do have one of the organizations using a home grown passwords self
service that could be used in all 3 Trees, synchronizing hashed
challenge responses, but because it doesn't have any Client component,
we are still looking.

Any responses/feedback much appreciated !

Thanks!!


--
mmiltenberger
------------------------------------------------------------------------
mmiltenberger's Profile: http://forums.novell.com/member.php?userid=4016
View this thread: http://forums.novell.com/showthread.php?t=456596