How to query ITIM for users who have not supplied challenge response info

Technote (FAQ)

Question

Many organizations do not know who has or has not answered the ITIM User challenge response questions. In order to find out an ITIM LDAP administrator can query for all system users who have not answered the challenge response questions.

Answer

Use a LDAP query in the ITIM LDAP to find all users who have no entries for the following binary data. Query must be done at the ou=systemUsers,ou=ITIM,ou=<tenant>,<suffix> level.

(!(erLostPasswordAnswer=*))

The results will provide you a list when exported of system users who you can then notify to answer the challenge response questions.

Rate this page:

(0 users)Average rating

Copyright and trademark information

IBM, the IBM logo and ibm.com are trademarks of International Business Machines Corp., registered in many jurisdictions worldwide. Other product and service names might be trademarks of IBM or other companies. A current list of IBM trademarks is available on the Web at "Copyright and trademark information" at www.ibm.com/legal/copytrade.shtml.

Document information

Tivoli Identity Manager

Software version:
5.0, 5.1, 6.0

Operating system(s):
All Platforms

Software edition:
All Editions

Reference #:
1618521

Modified date:
2012-11-26

How to query ITIM for users who have not supplied challenge response info

Technote (FAQ)

Question

Answer

Rate this page:

Copyright and trademark information

Rate this page:

Add comments

Document information

Translate my page

Content navigation

Footer links