Self service password portal - password change or password reset? RRS feed

  • Question

  • When users change the password by answering the security questions using SSPR, is it considered as password change or password reset from AD's side? If this is considered as password reset, is this same as admin password reset? Would it clear of all the password policy counters set in AD (like minium password age) and starts a new counter?


    Tuesday, December 29, 2015 8:27 PM

All replies

  • It is considered as password reset and is the same as admin password reset, so would clear password policy counters, but you can configure FIM SSPR to respect those policies, so minimum password age would be respected: FIM 2010 Self Service Password Reset now supports Enforcement of all domain password policies

    This must be configured for each Active Directory management agent on which we want to enable password policy enforcement.
    Important By default, this setting is disabled for all Active Directory management agents.
    Note In the following Registry Key example, <ma name> should be replaced with the name of the Active Directory MA to be configured.
    Registry Key:
    SYSTEM\CurrentControlSet\Services\FIMSynchronizationService\Parameters\PerMAInstance\<ma name>

    Registry Value:Set ADMAEnforcePasswordPolicy = 1 to enforce password history. All other values are interpreted as turning off the new functionality.

    If you found my post helpful, please give it a Helpful vote. If it answered your question, remember to mark it as an Answer.

    • Proposed as answer by ZuziaT Wednesday, December 30, 2015 12:26 PM
    Tuesday, December 29, 2015 9:25 PM