My client's requirement.

My client wants a kind of second-level authentication for their
external users.

E.g.: when a new or already existing user has been assigned a group
entitlement (e.g. the "Finance" group entitlement), then
1) we need to change those users' password expiration from 90 to 45
2) prior to those users' passwords expiring (let's say 5 days before the
password expires), we need to send an email notification to those users
with the UserApplication URL (the UserApplication URL is a page with a text area
and a submit button)
with some auto-generated security code or random number. The users
will click the link, enter the security code, and when they click submit it
must validate the security code against eDirectory, and if it matches then
the password expiration date for that user should get extended for
another 45 days.

Is this doable?
If it is doable, how can I achieve this scenario?

What I have in my mind is:
a Null driver to verify the "Finance" group entitlement.
When the "Finance" group entitlement is assigned to a user, the Null driver
will send the email notification with the User Application URL and a randomly
generated number (this random number will be stored in an attribute).
The UserApplication URL will point to a custom-created page which has a
text area to enter the "security code" which will be sent via email.
Once submitted, it matches the security code against the user's
attribute (SecCode) value. If it succeeds, then it triggers the Null driver to
extend the user's password expiration date by another 45 days.

Let me know if there is any other better way to handle this scenario.
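The issue-and-verify logic for the security code described in the post, as an added example that is not the poster's code or any Identity Manager policy. It uses a plain dict as a stand-in for the eDirectory user object; `SecCode` is the attribute named in the post, while `SecCodeIssued`, `SecCodeAttempts`, the `passwordExpirationTime` target attribute, the 5-day validity window and the 5-attempt limit are assumptions. It shows the parts the post's outline leaves open: the code comes from a CSPRNG, only a hash of it is stored on the user, it is single-use, time-limited and attempt-limited, and comparison is constant-time.

```python
"""Security-code issue/verify logic for the password-extension flow.
Added example, not the poster's code; a dict stands in for the eDirectory
user object. Attribute names other than SecCode are assumptions."""
import hashlib
import hmac
import secrets
from datetime import datetime, timedelta, timezone

CODE_TTL = timedelta(days=5)      # assumption: code valid for the 5-day warning window
MAX_ATTEMPTS = 5                  # assumption: refuse the code after 5 wrong guesses
EXTENSION = timedelta(days=45)    # from the post: extend expiry by another 45 days


def _digest(code: str) -> str:
    # Only a hash of the code is written to the directory, so reading the
    # user object (or a backup of it) does not reveal the code itself.
    return hashlib.sha256(code.strip().encode("utf-8")).hexdigest()


def issue_code(user: dict, now: datetime) -> str:
    """Generate a fresh 8-digit code from a CSPRNG, record its hash, issue
    time and attempt counter on the user, and return the plaintext code
    that the driver would put in the notification email."""
    code = f"{secrets.randbelow(10**8):08d}"
    user["SecCode"] = _digest(code)        # attribute named in the post
    user["SecCodeIssued"] = now            # assumed attribute
    user["SecCodeAttempts"] = 0            # assumed attribute
    return code


def verify_code(user: dict, submitted: str, now: datetime) -> bool:
    """Validate a code submitted on the UserApplication page. On success the
    code is consumed (single use) and passwordExpirationTime is set to
    now + EXTENSION; every failure path returns False without changes."""
    stored = user.get("SecCode")
    issued = user.get("SecCodeIssued")
    if not stored or issued is None:
        return False                                  # nothing outstanding
    if now - issued > CODE_TTL:
        return False                                  # stale code
    attempts = user.get("SecCodeAttempts", 0)
    if attempts >= MAX_ATTEMPTS:
        return False                                  # too many guesses
    user["SecCodeAttempts"] = attempts + 1
    if not hmac.compare_digest(_digest(submitted), stored):
        return False                                  # wrong code
    # Success: consume the code and move the expiry forward from now.
    user["SecCode"] = None
    user["SecCodeIssued"] = None
    user["passwordExpirationTime"] = now + EXTENSION  # assumed attribute name
    return True


if __name__ == "__main__":
    now = datetime(2024, 1, 1, tzinfo=timezone.utc)   # constructed timestamp
    user = {"cn": "jdoe"}                             # constructed user
    code = issue_code(user, now)
    print("emailed code:", code)
    print("stored attribute:", user["SecCode"])
    print("right code accepted?", verify_code(user, code, now))
    print("new expiry:", user["passwordExpirationTime"])
    print("reuse accepted?", verify_code(user, code, now))
```

Whether the new expiry should be counted from the submission time, as here, or from the old expiration date is a policy decision the post does not settle; the one-line change is in `verify_code`.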

