• Search Forums
    Advanced Search Topics Posts
Prev
Next
Forums Infor / Lawson Platforms S3 Security

Password Recovery for ESS Users?

 9 Replies
 0 Subscribed to this topic
 16 Subscribed to this forum
Sort:
Author
Messages
jojo.serquina
New Member Send Private Message
Posts: 0
New Member
4/21/2008 2:17 AM

For those who have implemented LSF90 ESS on Windows environment and ADAM -

how do you take care of users forgotten password? Do your users call your IT and let the IT folks reset and issue a temporary password? or have you implemented a password recovery application that emails a password reset link to your users and let the users take care of resetting their own password?

Appreciate the insight.

jojo.serquina
New Member Send Private Message
Posts: 0
New Member
4/22/2008 3:13 PM
I suppose not many are using LSF9 ess?
John Henley
Send Private Message
Posts: 3351
4/22/2008 4:19 PM
All of the clients I have worked with on LSF9 are using ldapbind to bind the passwords to Active Directory, which makes it "someone else's problem"...
Thanks for using the LawsonGuru.com forums!
John
jojo.serquina
New Member Send Private Message
Posts: 0
New Member
4/22/2008 4:21 PM
I really like that idea, John

Eventually, we will do the bind.
trueblueg8tor
Advanced Member Send Private Message
Posts: 41
Advanced Member
4/23/2008 12:54 AM

Like many things there is more than 1 way to do this. I am developing a jsp that prompts the user for some info, binds to our authentication Ldap and sends an e-mail with the temporary password if the info given is correct. It's been my experience that Java (with JNDI) works well with Ldap whatever "brand" you may have. 

jojo.serquina
New Member Send Private Message
Posts: 0
New Member
4/23/2008 11:39 AM
actually, after our ldap is bind, I'll be developing a similar function using coldfusion. maybe something along the lines of each user having a set of questions to answer before getting to the password reset - maybe a combination of ssn, birth date, etc. - information that's stored apart from ldap, then let coldfusion use "net user username password /domain" do it's work
John Henley
Send Private Message
Posts: 3351
4/23/2008 2:20 PM
Microsoft delivers a password change feature (IISADMPWD) with IIS, and there are a number of other solutions out there, so I'd avoid re-inventing the wheel....
Thanks for using the LawsonGuru.com forums!
John
jojo.serquina
New Member Send Private Message
Posts: 0
New Member
4/23/2008 3:35 PM
I have to look into that, John to see if it will work for our needs. But I agree, no need re-inventing the wheel.
John Henley
Send Private Message
Posts: 3351
4/23/2008 5:25 PM
It's been a while since I looked at it, but I remember there were some security issues associated with deploying it on an internet-facing site and not running SSL, but as long as you use it internally I wouldn't think it's a security risk.
Thanks for using the LawsonGuru.com forums!
John
jojo.serquina
New Member Send Private Message
Posts: 0
New Member
4/23/2008 5:30 PM
i looked into this iisadmpwd - pretty straightforward asp pages... and yes, since we're not implementing this outside the network, we shouldn't* have a problem not running it in SSL.