Appian Community
Site
Search
Sign In/Register
Site
Search
User
DISCUSS
LEARN
SUCCESS
SUPPORT
Documentation
AppMarket
More
Cancel
I'm looking for ...
State
Not Answered
Replies
6 replies
Subscribers
4 subscribers
Views
3410 views
Users
0 members are here
Share
More
Cancel
Related Discussions
Home
»
Discussions
»
Plug-Ins
Appian user password reset - temporary password flag
mikej117
over 8 years ago
I have been making use of the "Create User With i18n" Smart Service in the Personalization Utilities plugin which accepts an argument to specify whether the supplied password is a "temporary password" or not (which then dictates whether Appian will require the user to change their password immediately upon first login).
I now have the requirement to reset an existing user's password and would like the achieve the same behaviour, i.e. Appian not to require the user to change their password immediately after their next login. I can't use the same Smart Service as the user already exists. Is there another way to achieve this?
Plugin reference:
forum.appian.com/.../summary
OriginalPostID-233587
Discussion posts and replies are publicly visible
0
Eduardo Fuentes
Appian Employee
over 8 years ago
Unfortunately it's a security requirement for temporary passwords to be temporary so that cannot be disabled.
The only option I see is (
forum.appian.com/.../Appian_Administration_Console.html
to change this setting to meet your requirement:
Prevent Reuse of Previous Passwords - How many of their previous passwords should a user not be able to chose as a new password? Valid values are between 0 and 24, inclusive. The default is 1, meaning that the user's current password may not be reused but that other previous passwords may be reused.
Cancel
Vote Up
0
Vote Down
Sign in to reply
Verify Answer
Cancel
0
mikej117
over 8 years ago
Thanks for your reply Eduardo.
When an existing user's password is reset, it gets done by a help-desk user. I'm not sure how allowing re-use of previous passwords would help in this case. Am I missing something?
Cancel
Vote Up
0
Vote Down
Sign in to reply
Verify Answer
Cancel
0
Eduardo Fuentes
Appian Employee
over 8 years ago
I was thinking the end-user can decide to use the password they got as temporary password. Isn't the requirement for the end-user to have his password reset to a temporary one but keep that temporary one as the long term one?
Cancel
Vote Up
0
Vote Down
Sign in to reply
Verify Answer
Cancel
0
mikej117
over 8 years ago
OK, I see what you're getting at now. Thanks, that's a good suggestion for that case.
The other case to consider is when the user asks helpdesk to reset their password. The user's next login will be intercepted by Appian asking for a the user to supply a new password.
If there was another function to change a password and set the Temporary Password Flag to false, then I could avoid this interception.
Cancel
Vote Up
0
Vote Down
Sign in to reply
Verify Answer
Cancel
0
Eduardo Fuentes
Appian Employee
over 8 years ago
How about moving your authentication to SAML or LDAP? That way you could control the reset outside Appian.
Cancel
Vote Up
0
Vote Down
Sign in to reply
Verify Answer
Cancel
0
mikej117
over 8 years ago
The users in question are only active for a short term (up to 2 weeks), so I don't think the Identity Management team would want to deal with these users. Alas.
The reason we want to avoid having temporary passwords is to avoid the redirection behaviour once the user has updated their password (Appian redirects the user to Tempo News regardless of the Start Page setting).
Ultimately, the goal is to guarantee that these users will be directed to their custom Site every time they login.
Cancel
Vote Up
0
Vote Down
Sign in to reply
Verify Answer
Cancel