It is common for users to forget their account login passwords or misplace them or enter a wrong one on several attempts. As a result, the help desk phone keeps on ringing with requests from users to either rest their passwords or unlock their accounts. For an IT administrator this can be annoying at certain times, not ignoring the fact that the task of resetting passwords requires time.
The Forefront Identity Manager (FIM) 2010 Update 1 supporting Windows server 2008 R2 SP1 is the answer to self service password reset. This new FIM update with PDCe is launched to ease the burden on IT administrators and help desk professionals responsible to manage user accounts on Windows Active Directory service. This Active Directory self service password reset feature enables Ad end users to reset their own passwords without depending on the admin staff.
How does FIM 2010 work?
The SSPR (self service password reset) feature of FIM update 2010 enables administrators to configure the FIM synchronization service to utilize the Active Directory Domain Service (AD DS) password policy settings. Once the FIM update in installed, the administrators use the FIM portal to configure the settings for user rights for Active Directory self service password reset. When a user logs on the FIM portal for the first time, a FIM password reset registration screen appears along with some security questions configured by the administrator which are to be answered to gain access later.
To reset the password, the user is required to answer the verification questions, the answers of which are confirmed by the FIM. It then allows the use to reset the password after ensuring that the password meets the security requirements of the directory service. Once this process is complete, user can return to the account login screen and open is account with the new password without asking the administrator for any kind of assistance.
The SSPR feature of FIM is all very well for Active Directory end users, but it fails to enable users the right to update their profile information as well. However, with Lepide Active Directory Self Service- an Active Directory password reset tool, this issue is also solved. This utility is designed to enable AD uses reset their own passwords, unlock their accounts and even update their own profile information. Furthermore, this Active Directory Password Reset and self service software also allows authorized users to reset passwords and unlock accounts on the behalf of their co-workers. Therefore, it can be concluded that with the focus shifting on end users Active Directory self service applications are evolving to empower users with more options.