Security parameters that impact passwords

Edit online

There are additional security parameters that impact passwords, specifically, Minimum Password Length and Password Re-use history in Security Parameters and User Cannot Change Password found on the User record itself.

These security parameters are set by database, so the possibility exists that the Minimum Password Length, Re-Use History, or ability to change a password differs in the profiled databases. The synchronization routine checks these conditions in all databases against the newly changed password, and will disallow the synchronization if required. The failure reason will be displayed to during the synchronization phase, for example "New password has an invalid length in Profile XYZ", or "Password not allowed in Profile XYZ because Re-Use-Rule violated".

In addition, the Security Parameter "Log All Security Maintenance" is honored. If the synchronization changes a password with that setting enabled, a Partner Manager Log record will be created in the same database being changed. An additional Log Record in the current database summarizing the synchronization phase will be written if logging is enabled ("User name syncd password to n profile.").

The PW Expiration Date field in the Users table will be updated to reflect the new expiration date, and the User Must Change Password On Next Login flag will be cleared on all accounts updated across all selected databases.

Failure reasons will display in the list of profiles selected. Because failure reason text can lengthy, clicking on a Profile will display the complete status of that pofile in a text box below the list.

An account that is currently locked out on a database will still have its password changed, but it will not unlock that account.

Note: Database profiles are stored individually by PC, in the Windows Registry, so Profiles can differ based on where partner manager is running. Ensure your Database Profiles reflect their database instances correctly.