FIM 2010 R2 - Watched This YouTube video - I have questions re: FIM 2010 R2. <thanks> RRS feed

  • Question

  • Jeff Staiman

    I just watched this video and have a few questions.

    We have a large WAN, if a person is under a lockout timeout will a password change reset this counter?  I have a feeling normally user who forget their passwords, will lock it first, then attempt to create a new password via FIM.

    Can users pick their own challenge questions?

    Where will the FIM 2010 password change occur?   Again w/ a large WAN environment w/ many remote DCs (ie NOT read-only DCs) can the change be instantly replicated?  Can the password occur at the users remote site, ie at their %logonserver%, so they can log in faster after a password change?

    Can we use some programmatically entered fields, but also allow the user to enter some more challenge questions.  Ie say we know the end users last 4 of ss#, and drivers license #, etc can we use those so FIM is ready to go out of the box but optionally have the user add more questions (ie non-programmatically) at a later time?

    What happen if some 'hackers' try over and over to guess the way to challenge question answers?  Will FIM lock the account and disable self-service requests for that user going forward, or for some FIM lockout duration?

    Can we add a CAPTCHA to the public facing portal so bots and scripts dont try to guess Anna favorite teachers name, etc and try to reset her password?

    Tuesday, July 22, 2014 10:18 PM

All replies

  • FIM lock outs must be manually cleared by a FIM admin.  Not a default setting so first we had to grant FIM Admins the FIM right to reset the lock out.  Now we do periodically and sent users e-mails to inform, educate and see if they did not cause the lock out.

    Password reset from our Portals at HQ get set on one of the HQ DCs and so must replicate in our global network.  If user tries the new value and the PDC emulator happens to be available at that time then this can happen sooner then replication time.

    Tuesday, July 29, 2014 5:30 PM