LCM Multiple Password Policies with Mutually exclusive rules

Which IIQ version are you inquiring about?

Version 8.3

Share all details related to your problem, including any error messages you may have received.

When we create different password policies for different applications and user askes to synchronize their passwords, Sailpoint seems to combine the policies together and make the user pick a password that meets the criteria for all of the password policies involved.

What if I had one application that only allowed 8 character passwords and our default policy is passwords must be > 12 characters. Is there a way to provide a user experience that forces the user to pick a different password for each password policy? Either by making them do two synchronization for applications grouped by password policy or just displaying the password select page once for each password policy in the LCM workflow?

Seems not possible out of the box straight forward. You many think about writing plug-in to customize the change password page or add some validation in workflow and through the exception to end user when the password generated doesn’t comply with the password policy for the selected applications or hide the option for syn password (which can be done via css) so that end have to generate the password for individual applications only.

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.