Password policies are sets of rules that govern password syntax and how passwords are used. This post covers how to create a custom password policy in OIM11gR2 and how to attach password policies to organizations. In Oracle Identity Manager, we can define password policies at the organization level. This means that each organization can have a different password policy.
One of the new features in OIM11gR2 is that we can create custom password policies using the System Administration console. In OIM11g and earlier versions, password policies are created using the OIM Design Console. In OIM11gR2, we can create, search, manage and assign password policies using the System Administration console.
In OIM, only System Administrators can create password policies. Organization administrators can select appropriate password policies from the list of password policies created by OIM System Administrators. A password policy assigned to an organization applies to that organization and all its sub-organizations. If a different password policy is assigned to a sub-organization, then the password policy of the parent is overridden by the password policy of the sub-organization.
In OIM, we can define the following criteria for the password policy rules: Minimum Length, Minimum Password Age (Days), Warn After (Days), Expires After (Days) and Disallow Last Passwords. We configure these rules at the time of creating the password policy.
In a password policy we can configure either the default complex password policy or a custom password policy. If we select the Complex Password option, then all password criteria listed under the complex password criteria section are added to the password policy. In that case we cannot use the Custom Policy option, and passwords are evaluated against the complex password criteria. If we select the custom password policy, then we can select the required password policy criteria from the available criteria.
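Because a sub-organization's policy overrides the parent's rather than adding to it, an override can be weaker than what the parent enforces. The Python below is an added example, not OIM code or part of the original post: it models the inheritance rule with hypothetical classes (PasswordPolicy, Organization), resolves each organization's effective policy, and flags overrides weaker than the inherited policy. The organization names, policy values and the definition of "weaker" are constructed assumptions.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class PasswordPolicy:  # hypothetical model of three of the rule fields named above
    name: str
    min_length: int
    expires_after_days: int
    disallow_last: int

@dataclass
class Organization:  # hypothetical model of an organization in the hierarchy
    name: str
    parent: Optional["Organization"] = None
    policy: Optional[PasswordPolicy] = None  # directly assigned policy, if any

def effective_policy(org):
    """Nearest assigned policy wins: walk up until an organization has one."""
    node = org
    while node is not None:
        if node.policy is not None:
            return node.policy, node.name
        node = node.parent
    return None, None

def weakenings(child, inherited):
    """Rule fields where the override is weaker (assumed definition of weaker)."""
    checks = [("Minimum Length", child.min_length < inherited.min_length),
              ("Expires After (Days)", child.expires_after_days > inherited.expires_after_days),
              ("Disallow Last Passwords", child.disallow_last < inherited.disallow_last)]
    return [field for field, weaker in checks if weaker]

def audit_overrides(orgs):
    """List sub-organizations whose own policy weakens the one they would inherit."""
    findings = []
    for org in orgs:
        if org.policy is None or org.parent is None:
            continue  # nothing assigned here, or no parent to compare against
        inherited, _ = effective_policy(org.parent)
        weaker = weakenings(org.policy, inherited) if inherited else []
        if weaker:
            findings.append((org.name, org.policy.name, inherited.name, weaker))
    return findings

# Constructed sample hierarchy: Corp > Engineering > Lab > LabQA
CORP = PasswordPolicy("CorpPolicy", min_length=12, expires_after_days=90, disallow_last=5)
LAB = PasswordPolicy("LabPolicy", min_length=8, expires_after_days=180, disallow_last=5)
root = Organization("Corp", policy=CORP)
eng = Organization("Engineering", parent=root)
lab = Organization("Lab", parent=eng, policy=LAB)
qa = Organization("LabQA", parent=lab)
ORGS = [root, eng, lab, qa]
```

Calling audit_overrides(ORGS) reports the Lab override, and effective_policy(qa) shows that LabQA inherits the weaker LabPolicy instead of CorpPolicy.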
Creating a password policy.
To create a new password policy, log in to the OIM System Administration console.
Navigate to the Password Policy page and click on Create Password Policy. The Create Password Policy page will be displayed.
Enter password policy name and a short description of the password policy to be created.
In the Policy Rules tab, enter the values for the password policy rule elements.
Select the Complex Password or Custom Password option based on the requirement. If you select Complex Password, then all the criteria listed in the complex password section will be added to the password policy. Alternatively, you can select Custom Password policy and select the required options based on the requirement.
Click on Apply to save the password policy.
Search the Password Policy
Navigate to the Password Policy page. In the Search field, enter the name of the password policy to be searched.
Click on Search to continue.
The password policy entered in the search field will be displayed.
Delete the Password policy
Navigate to the Password Policy page. In the Search field, enter the name of the password policy to be deleted.
Select the password policy and click on Delete. The password policy will be deleted.
To attach this newly created password policy to an organization, follow the post: Create Organization and attach password policy to an Organization in OIM11gR2