locked
Can the user unlock his AD account in FIM 2010 R2 RRS feed

  • Question

  • Hi all

    can a user unlock his AD account from FIM portal.

    Thanks


    Teka

    Sunday, March 15, 2015 6:34 AM

All replies

  • Hello,

    currently not out-of-box, but you can do this by customizing the portal.

    MIM vNext will provide Self-Service Account Unlock, you can check the preview on connect for that.

    I currently have Account Unlock through helpdesk but it is possible to change this to self service.

    You can use the powershell activitiy for that for example:

    1. Change RCDC for user UI and add a boolean attribute for account unlock.

    2. On change of this attribute trigger a MPR with the PS activity that unlocks the account.

    3. Reset the unlock account attribute to normal state (false).

    4. create approp. permission MPRs to allow users to change only their own account unlock attribute.

    thats it.

    -Peter


    Peter Stapf - ExpertCircle GmbH - My blog: JustIDM.wordpress.com

    Sunday, March 15, 2015 10:01 AM
  • Thanks peter,

    i have another question, i have deployed FIM 2010 R2 SP1, with SSPR when the user try to reset his password he received the below error, 

    The password does not comply with your organization password policy

    Thanks


    Teka

    Sunday, March 15, 2015 2:00 PM
  • Remember that in addition to complexity and pw length, also the min. password age is checked, so if you testing this multiple times a day will not work.

    Could it be that ?

    -Peter


    Peter Stapf - ExpertCircle GmbH - My blog: JustIDM.wordpress.com

    Sunday, March 15, 2015 3:07 PM
  • Thanks peter,

    the minimum password age is configured as ( 0 ) and the maximum is 30 and the complexity is disabled where is the issue?


    Teka

    Sunday, March 15, 2015 6:34 PM
  • also that happen with one user another user is working fine.

    Teka

    Sunday, March 15, 2015 7:41 PM
  • hmm, so in general it works, except for that user.

    can the user change the password within the normal Windows GUI dialog using using the same password you use for reset, so that you can check if it is valid ?


    Peter Stapf - ExpertCircle GmbH - My blog: JustIDM.wordpress.com

    • Proposed as answer by Peter_Stapf Saturday, March 21, 2015 6:31 PM
    Sunday, March 15, 2015 8:22 PM
  • Thanks Peter,

    the issue was with the user as you mentioned.


    Teka

    Saturday, March 21, 2015 9:08 AM
  • Just to amplify on Peter's responses: when you reset the password it does unlock the account. But at present the end-user can't unlock the account without resetting the password. Looking forward to the release of MIM.


    David Lundell, Get your copy of FIM Best Practices Volume 1 http://blog.ilmbestpractices.com/2010/08/book-is-here-fim-best-practices-volume.html

    Tuesday, March 24, 2015 4:50 PM
  • Thank you all,

    Teka

    Wednesday, March 25, 2015 2:30 PM