Administrator and user accounts in AM/OpenAM

This book provides information on administrator and user accounts in AM/OpenAM including changing passwords, what privileges are available, account lockout and known issues (with solutions).

Printer friendly view

Table of Contents

  • 1 Administrator Passwords
    • 1.1 How do I change the amadmin and dsameuser passwords at the same time in AM/OpenAM (All versions)?
    • 1.2 How do I change the amadmin password in AM/OpenAM (All versions)?
    • 1.3 How do I change the dsameuser password in AM/OpenAM (All versions)?
    • 1.4 How do I change the password for the configuration store in AM/OpenAM (All versions)?
  • 2 Administrator Privileges
    • 2.1 How do I understand what privileges apply to amadmin and delegated administrators in AM/OpenAM (All versions)?
    • 2.2 How do I add privileges to identity groups in AM/OpenAM (All versions)?
  • 3 Account Lockout
    • 3.1 How do I enable account lockout in AM/OpenAM (All versions)?
    • 3.2 Understanding OpenAM 13.x and OpenDJ 3.x account lockout behaviors
    • 3.3 How do I lock a user's account if they do not authenticate to AM/OpenAM (All versions) within a specific period of time?
    • 3.4 How do I unlock a user's account using the REST API in AM/OpenAM (All versions)?
  • 4 How do I change the search attribute used to search for users in AM 5.x and OpenAM 13.x console?
  • 5 How do I make individual user profile attributes read-only in AM/OpenAM (All versions)?
  • 6 User Passwords
    • 6.1 How do I change the data store minimum password length in AM/OpenAM (All versions)?
    • 6.2 How do I assign password policies to a user when creating the user via the REST API in AM/OpenAM (All versions)?
    • 6.3 How do I change a user's password using the REST API in AM/OpenAM (All versions)?
  • 7 Frequently Asked Questions
    • 7.1 FAQ: Users in AM/OpenAM
    • 7.2 How do I count the number of users in my ForgeRock deployment?
  • 8 Known Issues
    • 8.1 Login to AM/OpenAM console (All versions) fails for amadmin user
    • 8.2 Account lockout fails when an authentication chain contains a custom module in AM/OpenAM (All versions)
    • 8.3 Dynamic user profile creation fails with The password value for attribute userPassword was found to be unacceptable error in AM/OpenAM (All versions)
    • 8.4 Login to AM/OpenAM (All versions) fails with valid username/password after enabling Secure cookies
    • 8.5 Subsequent attempts to use ssoadm fail in AM 5.x, 6.x and OpenAM 13.x
    • 8.6 Minimum password length is 8 error in AM (All versions) when updating identities using the REST API
    • 8.7 Your account has been locked error when authentication fails in OpenAM 13.5.1