revision 92813213f3a80b0a65195e59993b49b66d160f69
# Copyright (c) 2007 Sun Microsystems Inc. All Rights Reserved
# The contents of this file are subject to the terms
# of the Common Development and Distribution License
# (the License). You may not use this file except in
# compliance with the License.
# You can obtain a copy of the License at
# or
# opensso/legal/CDDLv1.0.txt
# See the License for the specific language governing
# permission and limitations under the License.
# When distributing Covered Code, include this CDDL
# Header Notice in each file and include the License file
# at opensso/legal/CDDLv1.0.txt.
# If applicable, add the following below the CDDL Header,
# with the fields enclosed by brackets [] replaced by
# your own identifying information:
# "Portions Copyrighted [year] [name of copyright owner]"
# $Id:,v 1.2 2008/06/25 05:40:36 qcheng Exp $
# Portions Copyrighted 2011 ForgeRock Inc
# Portions Copyrighted 2012 Open Source Solution Technology Corporation
iplanet-am-password-reset-service-description=Password Reset
p109=Password Reset
p101=User Validation naming attribute used to find the account where the password is being reset
p102=Secret Question of secret questions available to the user user can select from this list the question to which they would like to provide a password reset question.
p103=Search Filter
p104=Base DN
p105=Bind DN
p106=Bind Password
p107=Reset Password Creator class that generates the new password as part of password reset the user successfully answers their password reset question, they are emailed a new password. This class is used to \
generate said password. The custom implementation can be used as must implement the following interface:<br/><br/>\
p108=Password Reset Notification Class class used to notify the user of their new password default implementation using email to notify the user of their new password. A custom implementation can be used \
(perhaps to inform the user using SMS). A custom interface must implement the following interface:<br/><br/>\
p110=Personal Question users to have their own <i>personal</i> password reset question
p111=Maximum Number of Questions the maximum number of questions displayed on the password reset page.
p111.1=Force Change Password on Next Login user must change their password when they first login with their reset password.
p112=Password Reset Failure Lockout account lockout functionality for users using password reset can track the number of failed password reset questions answered by a user over time and if a pre-defined limit is \
breached, OpenAM can lockout the users account and perform additional functions.<br/><br/><i>NB </i>This functionality \
is in addition to any account lockout behaviour implemented by the LDAP Directory Server.
p113=Password Reset Failure Lockout Count maximum number of failed password reset question for a user before their account is locked. setting controls the maximum number of failed password reset questions a user can have during the lockout \
interval before OpenAM locks the users account.
p114=Password Reset Failure Lockout Interval lockout interval time is in minutes. tracks the failed password reset question count for a user over the lockout interval.<br/><br/>For example: If \
the lockout interval is 5 minutes and the lockout count is 5; the user will have to have failed to answer a password reset question 5 times \
over the previous 5 minutes for the account to be locked. Failed attempts to answer a password reset question that occurred outside of the \
5 minute interval are ignored.
p115=Email Address to Send Lockout Notification email address or set of email addresses that receive notifications about account lockout events. can be configured to send a localisable email message to a set of email addresses when account lockout \
events occur. The contents of the email message is configured using the following properties in the \
<code></code> file.<br/><ul><li><code>lockOutEmailFrom</code> : The "From" address of the email message</li>\
<li><code>lockOutEmailSub</code> : The subject of the email message</li>\
<li><code>lockOutEmailMsg</code> : The contents of the email message</li></ul><br/>\
The identity for whom the account has been locked is included in the email message.<br/><br/>\
The format of this property is:<br/>\
<code>emailaddress|locale|charset</code>. Multiple email addresses are space-separated.<br/>\
Email addresses must include the domain name, such as <code></code>.
p116=Warn User After N Failures the user when they reach this level of failed authentications. user will be given a warning when they reach this level of failed password reset questions during the lockout interval.\
<br/>The text of the lockout warning is configured using the <code>lockOutWarning</code> property in the <code></code> file.
p117=Password Reset Failure Lockout Duration duration of the users account lockout, in minutes. can either lockout the users account indefinitely (until administration action) by setting the duration to 0, \
(the default) or OpenAM can lock the users account for a given number of minutes. After the lockout interval, the user will be able \
to successfully authenticate to OpenAM.
p118=Password Reset Lockout Attribute Name of custom lockout attribute OpenAM locks an account, the <code>inetuserstatus</code> attribute in the locked account is set to Inactive. \
In addition, OpenAM can set the value of another attribute in the users profile.
p119=Password Reset Lockout Attribute Value to set in custom lockout attribute is the value that will be set on the custom attribute in the users profile when they account is locked.
p120=Password Reset E-mail Attribute Name of the identity attribute that holds the e-mail address. Default value is <code>mail</code>. a password reset process initiated OpenAM will try to send out an e-mail about the attempt of resetting the password, and later on the new password value as well. This property will tell OpenAM which attribute holds the user's e-mail address in the data store.
favourite-restaurant=What is your favorite restaurant?