User should have setup the Secret Question and Answer for the User Id
- User should have valid Email Address
- The Security needs to be setup for the employee to email the PeopleSoft password.
- A new common User Id (with new Role and Permission list) will be created to access the Forgot password page to reset the User password and mail the new password to the User.
- The Common User will have access to ‘Forgot Password’ page only.
- When any user needs to reset the password by clicking the Forgot Password link, the web server auto login to the PeopleSoft system with the default User.
- The User who needs the password to be resetted will be verified with the Secret Question and Answer and reset the Password if the validation is successful.
1. Navigate to ‘Home > PeopleTools > Security > Password Configuration > Forgotten Password Email Text’ and set up the email template which needs to be sent to the User when the password is reset.
2. Create a list of Secret Questions where User can select their favorite and setup their Secret answers. The secret questions can be setup by navigating through ‘Home > PeopleTools > Security > Password Configuration > Forgotten Password Hint’
3. The User should have security setup for their passwords to be emailed. Hence, In the Permission list which is available for all the users can be setup with ‘Allow Password to be Emailed’ flag to ‘Y.
4. Users should needs to setup their Secret Question and Answer by navigating through ‘Home > My System Profile > Change or set up forgotten password help’
The Users Secret Question and Answer information will be stored at PSUSERATTR table
5. Create a new Permission list and provide full access to the following objects in the Permission list
a. Pages Tab:
Menu : MAINTAIN_SECURITY
Component : EMAIL_PSWD
Pages : All Pages
b. Component Interface Tab:
Component Interface : USERMAINT_SELF
c. Web Libraries Tab:
Web Libraries : WEBLIB_PORTAL and WEBLIB_PT_NAV (Full access to all iScripts)
6. Create a new Role and assign the newly created Permission list to the role7. Create a new User Id (Will act as Common User to auto login for resetting password) and assign the newly created role to the User. The User Type should be ‘None’. Make sure the new User able to login to the PeopleSoft system with out any issue.
8. Navigate to ‘Home > PeopleTools > Portal > Structure & Content’ and drill down on the ‘Root -> Tools – Hidden -> Forgot my password’ Content reference and check on the ‘No Template’ to ‘Y’ on the ‘General’ tab.
9. Create a new Web profile by navigating through ‘Home > PeopleTools > Web Profile > Web Profile Configuration’ to allow Public access and with the newly created Common User Id and Password
10. Create a new Site Id for your PeopleSoft system in the Web server (Contact your PeopleSoft System Administrator to create a new Site Id for the Web server).
11. For the new Site Id, we need to set the parameter to use the newly created Web ProfileId.The parameter can be set when creating a new Site Id setup process, Else after successful creation of Site Id, the Web Profile Id can set up in the Web Server ‘configuration.properties’ file.
12. Open the ‘Signin.html’ in the notepad and add the link for ‘Forgot password?’ The link should point to the ‘MAINTAIN_SECURITY.EMAIL_PSWD.GBL’ component with the newly created site id. (The Web server needs to be bounced to reflect the changes in the login page). For E.g.
http://<Web Server>/psc/<site name>/<Portal Name>/<Node Name>/c/ MAINTAIN_SECURITY.EMAIL_PSWD.GBL
1. Create a new webprofile called FORGOTPASSWORD
2. Set that webprofile to bypasssignon.
3. In your second PIA site make sure you are using the FORGOTPASSWORD web profile in your configuration.properties file for that site.
Save the files and bounce your web server.
NOTE: The URL in the signin.html SHOULD BE ‘psp’. psc was used in Peopletools 8.1x and will not work for the portal.
You may get also get a menu with an error message saying, First operand of . is NULL, so cannot access member Count (2,236) At PT_NAV.NavPortal.OnExecutFindFilterName PCPC:8156 Statement 197.
Or and error that says “You are not Authorized to access this page” with the user listed on the page.
This is because you do not have any menu access to the portal. You will not get this error if there are any portal folders marked as public on the security tab of the folders in the portal structure & content however you will also see folders to which you have no access to anything other than see them.
To fix this issue you need to navigate to PeopleTools > Portal > Structure & Content and edit the Tools-Hidden folder. If you click on the security tab you will notice that your Permission list (MAIL_PSWD) is not listed there. You will need to add it to this hidden folder to get the link to work correctly. It can be added by either running the Portal Security Synch process, or by opening the permission list in question, removing the page access, saving the permission list, then adding the page access back and saving. This will update the portal structure with the correct permission list access. Note that there is no left navigation to this page or menu as it is located in a hidden folder in the portal.
10. Go to the signon page. You should now see a hyperlink right below the password box that says, Forgot your password? Clicking on this link will give you a page that allows you to input your user id. Type in whatever user id that you were logged in as when you did the My Profile stuff.
11. Then you will be presented with the question that you setup for this user. Type in the correct answer and then you will get the password mailed to you.
12. Use the new password to logon.
Addition Comments: If you get any errors when setting this up please go back and check the following:
Permission List – Forgot My Password – Email_Pswd -> Full Access
Component Interface – USERMAINT_SELF -> Full Access
Check to make sure your SMTP setting are correct on the app server. Otherwise you will get an error that an email cannot be sent to this user. Also make sure ALL users have valid email addresses in their user profiles.
NOTE: If you are using Password controls be sure to set the LASTPSWDCHANGE field in the PSOPRDEFN table for the user you created ‘ForgotPassword’ to a future date so it’s password does not expire, otherwise this user will not be able to logon to get to the hint page for the user trying to get a new password (See Document:611621.1 -E-SEC: Can you control which users have password controls?)
If you are using the Enterprise Portal then in order to get the forgotten password user to be able to logon without having the left hand menu access, or without having to give the user the PAPP_USER role, you will want to navigate to PeopleTools > Portal > Structure & Content and drill down on the Tools – Hidden folder. Open the Forgot my password Cref and click on the No Template checkbox half way down on the general tab. This will take the user directly to this page and not allow the portal navigation.
NOTE: There is no windows client option here, this is web based only. The forgotten password functionality is setup using the web server and bypass signon. The client does not use the web server. For client users, the user could always logon through the web, change their password then go into the client.
No comments:
Post a Comment