Step 7: Configure Self-Service Password Reset with OTP Email Gate

Configuring Password Reset consists of the following steps:

  • Configure the Password Reset AuthN Workflow

  • Configure the Administrators can read and update Users MPR for OTP Email

Configure the Password Reset AuthN Workflow

In this step we will be adding the OTP Email Gate to our Password Reset AuthN Workflow.

To configure the Password Reset AuthN Workflow

  1. Log on to FIM1.corp.contoso.com as CORP\Administrator.

  2. Click Start, click All Programs, and then click Internet Explorer (64-bit). This will open Internet Explorer.

  3. In the Internet Explorer toolbar, enter https://fim1/identitymanagement in the address box, and then hit Enter. This will bring up the Forefront Identity Manager 2010 home page.

  4. On the right, under Administration, click Workflows.

  5. Double-click Password Reset AuthN Workflow. This will bring up the Password Reset AuthN Workflow.

  6. Click Activities.

  7. Click Add Activity.

  8. Select One-Time Password Email Gate and click Select. Click Save. Click OK. Click Submit.

Configure the Administrators can read and update Users MPR for OTP Email

Now add the One-Time Password Email Address attribute to the Administration: Administrators can read and update Users MPR.

To configure the Administrators can read and update Users MPR for OTP Email

  1. Click Start, click All Programs, and then click Internet Explorer (64-bit). This will open Internet Explorer.

  2. In the Internet Explorer toolbar, enter https://fim1/identitymanagement in the address box, and then hit Enter. This will bring up the Forefront Identity Manager 2010 R2 home page.

  3. On the right, under Administration, click Management Policy Rules.

  4. In the list of MPRs, locate Administration: Administrators can read and update Users and click it. This will open the Configuration page.

  5. Click the Target Resources tab.

  6. Under Select specific attributes, use the up and down arrows to scroll to the bottom of the list.

  7. After Time Zone, enter One-Time Password Email Address. Click the green check mark. The entry should resolve and appear underlined.

  8. Click OK, and then click Submit.