Active Directory Self Service
When an LDAP user forgets their password or their account gets locked, they can log in to the Support Portal and directly unlock the account or reset the password. Users who are not logged in should click the Active Directory Self Service option.
To reset the password or unlock an account, LDAPS must be configured in the Technician Portal.
If LDAPS is not configured, follow the procedure below:
Log in to the terminal server and create a folder named "backup" using the command below.
mkdir backup
Move to the backup folder using the command below:
cd backup
Copy "cacerts" from the path "/usr/local/java/jdk-17.0.12/lib/security" to the "backup" folder (the current directory) using the command below:
cp -r /usr/local/java/jdk-17.0.12/lib/security/cacerts .
Once copied, run the command below:
Syntax: /usr/local/java/jdk-17.0.12/bin/keytool -import -alias {alias_example} -keystore cacerts -file /{filepath}
Example: /usr/local/java/jdk-17.0.12/bin/keytool -import -alias motadata -keystore cacerts -file /home/flotomate/ldaps-for-itsm.cer
Save the alias name for future use.
- Press enter and provide the keystore certificate password. For example, here "changeit" is used.
- A confirmation message "Trust this certificate?" will appear. Type Yes.
Restart the main-server and analytics-server services using the below commands:
sudo systemctl restart ft-main-server.service
sudo systemctl restart ft-analytics-server.service
Now, change the LDAP configuration to LDAPS and port 636.
- Test the connection. Once successful, try to reset the password and it will work.
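The steps above combined into one script, as an added example that is not part of the original documentation: it confirms the backup is byte-identical before importing, prints the certificate details for comparison, and checks the alias afterwards. It assumes the services read the JDK truststore at the path shown, so it addresses that file by absolute path; the function names are hypothetical.

```shell
#!/bin/sh
# Added example, not vendor code. Paths, alias and service names are the ones
# shown on this page; the function names are hypothetical.
JDK_DIR="${JDK_DIR:-/usr/local/java/jdk-17.0.12}"
KEYTOOL="$JDK_DIR/bin/keytool"
# Assumption: this is the truststore the services read.
TRUSTSTORE="$JDK_DIR/lib/security/cacerts"

# Copy a truststore into a backup folder under a timestamped name and confirm
# the copy is byte-identical. Prints the backup path on success.
backup_truststore() {
    bt_src="$1"; bt_dir="$2"
    [ -f "$bt_src" ] || { echo "truststore not found: $bt_src" >&2; return 1; }
    mkdir -p "$bt_dir" || return 1
    bt_dest="$bt_dir/$(basename "$bt_src").$(date +%Y%m%d%H%M%S)"
    cp -p "$bt_src" "$bt_dest" || return 1
    cmp -s "$bt_src" "$bt_dest" || { echo "backup differs from source" >&2; return 1; }
    printf '%s\n' "$bt_dest"
}

# Import a certificate under an alias. keytool prompts for the keystore
# password and asks "Trust this certificate?", as in the steps above.
import_ldaps_cert() {
    ic_alias="$1"; ic_cert="$2"
    [ -r "$ic_cert" ] || { echo "certificate not readable: $ic_cert" >&2; return 1; }
    # Print subject, issuer, validity and fingerprints so they can be compared
    # with the directory server's certificate before answering the prompt.
    "$KEYTOOL" -printcert -file "$ic_cert" || return 1
    "$KEYTOOL" -import -alias "$ic_alias" -keystore "$TRUSTSTORE" -file "$ic_cert" || return 1
    # Confirm the entry now exists under that alias.
    "$KEYTOOL" -list -alias "$ic_alias" -keystore "$TRUSTSTORE"
}

# Runs only when the script is called with the argument "run".
if [ "${1:-}" = "run" ]; then
    backup_truststore "$TRUSTSTORE" "$HOME/backup" &&
    import_ldaps_cert motadata /home/flotomate/ldaps-for-itsm.cer &&
    sudo systemctl restart ft-main-server.service &&
    sudo systemctl restart ft-analytics-server.service
fi
```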
Enter the Email ID or Logon Name and click Reset Password or Unlock Account, as required.
After clicking, answer and verify the security questions asked, as shown below. The security questions configured in Edit User Profile are used here for Reset Password and Unlock Account.
Once all the questions are verified, reset the password by entering the new password in Password and Confirm Password, as shown below.
Once done, click Submit, and the password will be changed. It will also be updated in the LDAP server. You can now log in to the Support Portal using the new password.
Similarly, by following the same process, you can unlock your account if it gets locked.