Hi Gurus,
I'm setting up password management in OneIM, and would like to ensure privileged accounts have higher requirements than regular accounts.
I'm using sub-identities (Person.IdentityType=Admin) to own privileged accounts - currently just AD accounts.
I want to:
- Be able to apply a complex centralpassword policy, but only to employees with an IdentityType=Admin (or other criteria).
- (ideally) Sync up the CentralPassword policy with an Active Directory account policy which has been synced in from my domain. I'd like this so that when an AD admin decides to change complexity rules, IM will sync in the changes automatically (which it already does) and apply these to new resets of CentralPassword.
From what I read in the documentation, I don't really see an OOTB way to do either of the above, though I could be missing something obvious!
Any help or suggestions appreciated. Happy to clarify anything if required.
Glen.