Planning and designing your Identity & Access Management architecture can be pretty complex, depending on your use cases. Even when using a set of tools like ForgeRock’s Open Identity Suite … which is pretty easy to install. You need to understand which products are right for your use cases and requirements. Should you use OpenAM …
Just a quick note from my past self to my future self … Set up: Apple MacBook Pro (Late 2013) 2.3 Ghz Intel Core i7 16 GB 1600 Mhz java version “1.8.0_51” Java(TM) SE Runtime Environment (build 1.8.0_51-b16) Java HotSpot(TM) 64-Bit Server VM (build 25.51-b03, mixed mode) mvn -version Apache Maven 3.3.3 Check out from …
Overview A very common use case, when implementing ForgeRock’s OpenAM, is forcing a user to reset their password the next time they login. Seems easy enough right? … next time a particular user authenticates in they should be prompted to change their password before continuing on to the resource (web page) that they had originally …
OpenAM: Forcing users to reset password on next login. Read More »
Use Case: In an enterprise setup you would likely want to know when a user has locked their account (e.g. too many failed password attempts) and more than likely want to distribute that information to other systems in your environment. One solution would be to enable OpenIDM to monitor the user identity repository for changes …
#ForgeRock: Using #OpenIDM to sync Account Lockout Status #IDM Read More »
On average I spend a lot of time opening documents online. One set of documents I refer to frequently is the ForgeRock Technical Document set. While it’s not overly arduous to open a browser tab and click on a bookmark or type in the URL, I have wanted to find a better shortcut for this task. …
I use the command line a lot when interfacing with OpenDJ. One of the issues with this is that I often run into an issue with the BindDN user’s password has an “!” (bang) in it. As this is a special character in Unix/Linux command line, it will typically cause unexpected results. With ldapsearch you …
OpenIDM 3.1 comes with several password policies enabled by default. There are often times when you will need to implement additional policies or even modify or extend existing policies. This is a quick guide that will walk you through the basics of implementing your own password policies. Let’s talk a little bit about what’s there …
A customer needed to ensure that passwords contained at least one ‘special character’ when a new password was created in OpenIDM. I borrowed heavily from the provided samples but had to figure out the correct regexp formatting. Here is the function that I used to implement this: function atLeastXSpecialChars(fullObject, value, params, property) { isRequired = …