Locking users from changing their details on the FIM portal but only allow the HR admin to perform these changes RRS feed

  • Question

    1. How can I lock users from changing their details on the FIM portal, so that it is the HR Admin only who can alter user details on the portal?
    2. How can users be locked from resetting their passwords as well and only have the helpdesk perform this task for them? Also, is there a way that FIM 2010 can generate these passwords so that they are sent by mail to the user with a notification of the password reset sent to the user's manager?

    I appreciate your assistance on this.

    Thursday, August 7, 2014 4:32 AM

All replies

  • Hi Phina,

    1./ You can edit the MPR which is granting the users to make changes to their own attributes. But please make sure, you don't change the MPR for admin account and the MPR for admin must be a separate one.

    2./ Well, this can only be done by FIM if you install and configure SSPR. Simply don't use this option to prevent the password reset by end user.

    If you are creating a same password for all users or there is some specific pattern for users, then you can send password through mail and along with this. You can create a set transition MPR for triggering a workflow in which a mail notification can be sent to user's manager in which you can mention some text as per your requirement.

    Manuj Khurana

    • Proposed as answer by Manuj Khurana Friday, August 8, 2014 10:27 AM
    Thursday, August 7, 2014 8:14 AM