Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-12771

Docs: behera control missing from ACIs for external user stores

    Details

      Description

      Reading https://ea.forgerock.com/docs/am/install-guide/index.html#prepare-identity-repository I've found no reference to the behera draft control.
      Since OPENAM-9009 user stores can leverage the behera draft control to provide helpful error messages for password policy issues.
      The following ACI should be mentioned in the guide:

      aci: (targetcontrol="1.3.6.1.4.1.42.2.27.8.5.1")(version 3.0;acl "Allow behera draft control"; allow (read)(userdn = "ldap:///uid=openam,ou=admins,dc=example,dc=com");)
      

      Alternatively administrators can also disable the behera support (the behera settings are not applicable for Active Directory).

        Attachments

          Activity

            People

            • Assignee:
              chris.lee Chris Lee
              Reporter:
              peter.major Peter Major [X] (Inactive)
            • Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: