Release Notes: Symantec Password Self Service v8.00 Hotfix 13
|Article:TECH113325|||||Created: 2006-01-17|||||Updated: 2008-01-06|||||Article URL http://www.symantec.com/docs/TECH113325|
Patch: 13- PSS80000207307
File Details for Patch
Associated Product/Version: BindView Password Self Service v8.00
Release Date: Jan 26, 2006
BindView Password Self Service v8.00
This Hotfix addresses following issues:
- Strong Password Policy for BindView Password Self Service did not enforce case sensitive characters.
- The password history was not checked during password reset for an Active Directory user.
- Enumeration of Domain Local Security Groups in the PSS Server domain in the Delegation of Administrative Tasks functionality was not supported.
- Password reset issues which are introduced due to Hotfix 111.
For issue 1: This Hotfix provides support for enforcing upper case and lower case alphabets in passwords, which are entered on the Reset Password screen of Password Self Service Employee Web application.
To support this enhancement, new resource strings have been added to the language resources. This Hotfix takes care of updating the language resources that are shipped with the installation, which include English, French, Spanish, German, and Portuguese. If the PSS Administrator has configured PSS for using any language other than the default ones, the administrator must export the language resources to an MDE file, enter translations for missing resources, and then update the respective languages with the updated MDE file. The multilingual support feature may be enabled by launching the Multilingual Support dialog from the PSS console.
For issue 2: The password history is now checked to avoid reuse of a previous password. The number of previous passwords that cannot be reused depends on the Password Policy set on the domain. This is a new feature in PSS v8.00 and is supported for Active Directory domains only.
Note: When a user requests for a password reset, PSS first resets the user's password using a randomly generated value. PSS then applies the password supplied by the user and sets it as the new password.
For issue 3: PSS now supports enumeration of the Domain Local Security Groups in the PSS Server domain.
Please note that this hotfix 106 is fully integrated into this hotfix and it is recommended that you should install this hotfix instead of 106.
The following products must be installed before installing this Hotfix:
- BindView Password Self Service v8.00 with Hotfix 111.
Note: This hotfix also includes hotfix 106 which enables the application of password history policy during password resets done by employees using Employee Web Application. This is a default behavior. If you don't want to enable password history please follow these steps.
- Browse to \Bin. Example:C:\Program Files\BindView\Password Self Service\Bin.
- Open SupportedNamespaces.xml in any text or xml editor.
- Search for string 'applypasswordhistory'. Search will return a string 'applypasswordhistory="1"'.
- Change the string to applypasswordhistory="0". This will change the attribute value to 0 which will in turn disable the password history for Active Directory domains.
Note: Changing the xml file incorrectly can cause serious problems to the functioning of BindView Password Self Service.
- You must have Administrative privileges on the computer where you are installing this Hotfix.
- BindView Password Self Service should be configured before installing the hotfix.
Installing the Hotfix
Before installing the Hotfix, all bv-Admin applications must be closed.
To install the Hotfix, use the following steps:
- Run the Bindview_PSS80000207307_HF113.exe file.
- Follow the instructions of the installation wizard to complete the installation process.
Note: To rollback the Hotfix, double-click the Bindview_PSS80000207307_HF113.exe file. The Hotfix installation wizard will guide you through the rollback process.
Article URL http://www.symantec.com/docs/TECH113325