Hi all,
I'm busy with architects designing a new scenario for me in the FIM 2010 R2 Password Reset Portal.
We have an existing FIM setup in our internal corporate AD domain without any existing password reset/registration.
I've got to manage an AD (not domain- or forest-trusted) containing external users (no problem for the AD MA). The idea is to provide the FIM Password Reset Portal functionality to those users (I've got their email address):
- Once a new user is created in that separate AD, create an OTP via mail to that user to ask to set a password.
- Allow the users to ask for an OTP via mail on request (forgot my password) via reverse proxy (extranet scenario).
- There is no functional need for registering secrets in the self service (FIM registration NOT wanted/needed)
I'm not sure before proceeding if this is possible:
- Is only OTP mail possible, without using the registering in FIM? (I think yes)
- Can I set the password of a user of an external domain, without trust: this means, does a reset go 100% via FIM, and is there no trust required in the IIS somehow to that domain?
I've seen the interesting video http://www.youtube.com/watch?v=T-p41Ze9ewA but I want to be sure.
Thanks for the reply and suggestions.
David.
PS: Has anyone of you ever connected to DB2 on a mainframe via the FIM DB2 MA?