Hi All,
I am trying to find out the answer of below questions in respect to FIM 2010 R2 SSPR. Can anyone please suggest me.It will great help if i got the answer of below questions.
1. If a account is locked on AD.
a. Will SSPR unlock account and reset the password on AD?
b. If account is locked, will SSPR reset the password or get an error that account is locked and cannot reset the password.
2. What automated emails can be generated to the user on successful or failed FIM reset attempts? If yes, please give some idea to implement it.
3. How can we implement pop up to force a user to register for SSPR in FIMR2 if we implemented web based password reset functionality?
4. Can any AD account be registered with FIM, and if so is it possible to enable/block certain accounts? (There are some accounts such as Service Accounts (or those without interactive logon enabled) that we may not want to allow a password reset…is the only prevention not to register questions for these?)
5. Is it possible to force the user to change the answers to the user’s registration questions periodically and how this can be done?
6. We want to prevent others/attackers from gaining access to another person’s account.
7. At some point, a user may still need to call the Service Desk to manually reset the password or unlock the account (i.e. multiple unsuccessful self-resets). How can we improve the ability to authenticate the user?
8. Can we get a report as below
- How many times a a users tried or number of attempt to reset the password.
- To show number of successful password resets in total and by user in one month.
- Reports for accounts that do/don’t have their challenge questions registered in FIM
Thanks
Harry