none
SSPR form customization RRS feed

  • Question

  • Hello , 

    is it possible to customize the forms in the SSPR page ? 

    Is it possible to use FIM SSPR for multi-domain ? 

    Regards

    Monday, September 8, 2014 2:36 PM

All replies

    1. Customization - not really possible. You can modify CSS that rules the forms, but you cannot change a lot.
    2. Yes, as long you would have all users in your FIM Portal with suitable attributes: DOMAIN, AccountName, ObjectSID. Once password would be resetted, FIM Service checks in FIM Sync, which agent manages suitable domain and resets a password of this user.
      So you have to have AD MA connected to this domain with password reset checkbox enabled.

    If you found my post helpful, please give it a Helpful vote. If it answered your question, remember to mark it as an Answer.

    • Proposed as answer by -Jeff Ingalls- Monday, September 8, 2014 5:24 PM
    Monday, September 8, 2014 2:56 PM
  • OK thanks for response. 

    For example if i have the user atest in domainA and atest in domainB.

    Is it possible to reset the password of atest in the domainA and in domainB at the sametime by responding the challenge response of FIM ? 

    How can i synchronise the password reset for atest in domainA in other domains ? 

    Regards 



    • Edited by gentelman Monday, September 8, 2014 3:51 PM
    Monday, September 8, 2014 3:19 PM
  • To synchronize password between domains, you would need to use another module of FIM: PCNS.

    You would need to install appropriate agent at every Domain Controller in observed domain and every change of password in domainA would change this user's password in domainB also. It works for every password change, not only from SSPR.

    It cannot be done using SSPR only.


    If you found my post helpful, please give it a Helpful vote. If it answered your question, remember to mark it as an Answer.

    Monday, September 8, 2014 7:38 PM
  • Going back to customization - one more thing to add :)

    If you rally need customized SSPR portal for your organization you can develop your own version using resources management client talking to FIM service


    If you found my post helpful, please give it a Helpful vote. If it answered your question, remember to mark it as an Answer.

    Monday, September 8, 2014 7:57 PM
  • OK but is it bidirectional , when i reset the password in domainB it will synchronizse it in domainA 

    For the synchronization management should i have one management agent per domain ? 

    Another question should the user register for each account in domainA and domainB ? 

    How it works if in the registration process the user don't give the same response ? 

    For customization si there any existing example for password registration ? 

    Should i develop a new site for both registration and reset ? How can i integrate it in FIM ? 

    Thanks




    • Edited by gentelman Tuesday, September 9, 2014 8:10 AM
    Tuesday, September 9, 2014 7:53 AM
  • You cannot have password reset working both way (from DomainA to DomainB and from DomainB to DomainA). It would create a loop of changes (for example if you would reset pass in DomA it would be flown to DomB, to DomA, to DomB and so on).

    In Sync manager you should have one agent per domain or if they are in the same forest, it can be done with one agent for all domains within the forest. And if you want to use PCNS, users from both (or more) domains should be joined to the same metaverse object.

    User has to be registered to be able to password reset. For FIM (Portal) DomainA\user1 is a different user than DomainB\user1, so you would need both users registered. So they can have different answers.

    For customization:

    http://technet.microsoft.com/en-us/library/hh877808(v=ws.10).aspx


    If you found my post helpful, please give it a Helpful vote. If it answered your question, remember to mark it as an Answer.

    Tuesday, September 9, 2014 9:42 AM
  • For customization i mean developing a new web for password reset and registration  ,

    is there any example ? 

    can anyone tell which are the main steps to follow for doing this ? 

    Regards

    Tuesday, September 9, 2014 12:45 PM
  • I don't know public examples. I know it can be done as we have done password reset through management agent activity at Predica as well we have done some custom app that accesses FIMService.

    But I haven't seen any public example of such things.

    You can achieve it with FIMClient:
    FIM Communication

    Some words about it:

    Recent innovations at Predica


    If you found my post helpful, please give it a Helpful vote. If it answered your question, remember to mark it as an Answer.

    Wednesday, September 10, 2014 12:40 PM