This article is valid for Digital Access 6.2 and later.

This article describes how Smart ID Digital Access component is set up so that end users can change and/or reset their own password. This can be used when passwords are about to expire, already have expired or when an end user have forgotten their password.

Prerequisites

A license that enables self-service password reset is available.
Notification channels are set up, see Set up email or sms notification channel in Digital Access.
An authentification method with password is set up, see Set up authentication method in Digital Access.
A user with account operator rights in the Active Directory (AD) or openLDAP is set up. This user can change and reset AD and openLDAP passwords.
The AD has activated LDAPS.

Step by step instruction

Log in to Digital Access Admin with an administrator account.

If a user storage shall be used to store users, a certificate authority must be added before the user storage is configured, see Add certificates in Digital Access.

In Digital Access Admin, go to Manage Accounts and Storage.
Click Certificate > Add Certificate Authority...
Select Microsoft Active Directory and click Next.
Enter general settings, see example below.
Check Use SSL.
Check Password change enabled.
Check Password reset enabled.
Click Next.

In Digital Access Admin, go to Manage Accounts and Storage.
Click Self Service > Password Reset.
Check Enable End User Password Reset.
Enter settings for the password. For help, click the ?-sign.
Enter SMS and mail messages if applicable.
Check Enable Time Locking of password reset requests.
Enter settings for time locking.
Click Save.

Related information

Links

How to activate LDAPS

Nexus Documentation

Enable self-service password handling in Digital Access

Prerequisites

Step by step instruction

Related information

Links