We currently set a user's initial password within AD upon user creation with a workflow, that password is also sent to other system that require a password as well.
We need to provide a means for the user to change their password in each of those integrated point systems after some period of time and we are hoping FIM can help accomplish that. Is it possible/advisable to develop a FIM portal page where the user
can click on a button to execute the same workflow that is kicked off during initial provisioning? Seems like there has to be a way to leverage that logic/those components somehow.
The way I've seen this done is with a checkbox - "Request Password Reset" or something to that effect. When the user checks the box on their 'My Profile' page, transition in to a set to fire the workflow. As part of the workflow, set the attribute back
to false when you're done.
I would think you could also set up PCNS so that any time an AD password is changed it would be sent to FIM and password extensions on each target MA for the integrated systems could set that password on the account. Of course that requires that each
integrated system have an MA, an object in each MA joined to the metaverse object representing the user, the password extension exists or can be written for each source, etc.
If you already have the workflow, you're much further along in being able to implement it as Brian suggests. Since the user already exists, the same workflow as initial provisioning may not be appropriate in your case, but the workflow you need could
end up being very similar.
Microsoft réalise une enquête en ligne pour comprendre votre opinion sur le site Web de Technet. Si vous choisissez de participer, l’enquête en ligne vous sera présentée lorsque vous quitterez le site Web de Technet.