Unlock account

The authentication process is controlled by the authentication policy and rules. One of these parameters is the Authentication failure count. If a user attempts to log in with the wrong set of credentials then the account will be locked when the number of failed attempts equals the authentication failure count parameters.

To unlock your OpenIAM account, use the reset password feature as described above. When you click on Reset password, the system will prompt you if the account has been locked as shown below.

Click on Yes and the account will be unlocked. When the user logs in for the first time, they will be asked to change their password. This new password will be synched across all connected systems that the user has an account in.

Reset password

Administrators can initiate a password reset using the steps described below.

Log in to webconsole.
Find the user that needs a password reset using either the header search or the advanced search.
From the side menu, select Reset password as shown in the diagram below.

The reset password link will display the screen shown below. On this screen, there are several options, described below:

Parameter	Description
Reset password action	Select between: Fill password manually Sending a one-time link over email Sending a one-time link requires the user to have an email address. However, the admin will not have to perform any additional steps. If the admin selects `Fill password manually`, the admin will have additional control over the process. They will be able to determine which applications should participate in the password change, if the password will be delivered over email, or if the password should be auto-generated.
Managed system	This drop-down is used to control which systems should be updated when the password is changed. In most cases, you should use the `Check all` option to include all applications that this user has an account in.
Password	This is the temporary password provided by the admin. The password policy is shown to ensure that a valid password is provided.
Confirm password	Enter the password again. This field is used to ensure that the correct password has been captured by the system.
Send password by email	As mentioned above, by checking this box the password provided by the admin will be sent to the user over email.
Auto generate password	Eliminates the need to enter a password. The system automatically generates a password and emails it to the user.

When the user logs in for the first time after the admin has reset their account, they will be asked to change their password. This new password will be synched across all connected systems that the user has an account in.

Organization level delegation

Add/Remove entitlements