Symantec IGA

  • 1.  CA Appliance requirements for Self Service Password Reset and Security Question enrollment?

    Posted Mar 20, 2018 01:51 PM

    Password Reset and Security questions on CA Appliance with no provisioning setup. I need to understand what the bare minimums are to get self service password reset and security questions enrollment set up. I cannot find system requirements to do that. It seems all you need is a base install of the appliance, Windows connect server and portal. What other services are required?



  • 2.  Re: CA Appliance requirements for Self Service Password Reset and Security Question enrollment?

    Posted Mar 27, 2018 10:37 AM

    Hi David,

     

    There are no special requirements to configure the security questions and password reset feature.

    When you modify the Forgotten Password Reset task, you can set how many questions are required to have answers on any user profile, and how many of them will be required to be answered correctly in order to allow password change.

    Then, each user will need to set their security questions. 

     

    Here's some more info from our guide:

    Configure the Forgotten Password Reset, Forgotten User ID, and One-Time Password Tasks - CA Identity Manager - 14.1 - CA… 

     

    Thanks,

    Einav

     

    (Note: if this answers your question please mark this thread as Answered. If it was helpful, please mark it Helpful -- thanks!)



  • 3.  Re: CA Appliance requirements for Self Service Password Reset and Security Question enrollment?

    Posted Mar 27, 2018 10:46 AM

    Einav, 

     

    That I understand, but what are the requirements? Do you have to have users in the CA database, or will the AD server connector sync the change to AD with a base install of the appliance? Just want self service password and security questions in place for now.



  • 4.  Re: CA Appliance requirements for Self Service Password Reset and Security Question enrollment?
    Best Answer

    Posted Mar 27, 2018 12:34 PM

    Hi David,

     

    The first step is to configure the OOTB Forgotten Password Reset task in IM. This does not require users.

    However, in order to use the feature you must have users in the IM user store (CA Directory, not the IM database). The question and answer sets get stored in an attribute in the user profile (of IM) called %PASSWORD_HINT%. AD server is not required. There is no sync to AD.

     

    Hope this helps.

     

    Einav