IBM Support

How to query ISIM for users who have not supplied challenge response info

Question & Answer


Question

Many organizations do not know which users have or have not answered the ISIM user challenge response questions. To find out, an ISIM LDAP administrator can query for all system users who have not answered the challenge response questions.

Answer

Use an LDAP query against the ISIM LDAP to find all users who have no entries for the following binary data. The query must be run at the ou=systemUsers,ou=ISIM,ou=<tenant>,<suffix> level.
(!(erLostPasswordAnswer=*))

When exported, the results give you a list of system users whom you can then notify to answer the challenge response questions.
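
One way to run the query above and reduce the result to a list of user IDs to notify, as an added example that is not IBM's own code. It assumes OpenLDAP's `ldapsearch`; `ISIM_URI` and `ISIM_BIND_DN` are hypothetical environment variables, and the `erSystemUser` object class and `eruid` attribute are assumptions about the ISIM schema.

```shell
#!/usr/bin/env bash
# Added example: list ISIM system users with no challenge/response answers.
# Assumes OpenLDAP's ldapsearch. ISIM_URI and ISIM_BIND_DN are hypothetical
# environment variables naming the ISIM LDAP server and an administrative DN.

# Search base from the technote: ou=systemUsers,ou=ISIM,ou=<tenant>,<suffix>
isim_base() {  # usage: isim_base <tenant> <suffix>
    printf 'ou=systemUsers,ou=ISIM,ou=%s,%s\n' "$1" "$2"
}

# The technote's filter, ANDed with the account object class so that the
# container entry itself (which also has no answers) is not returned.
# Assumption: erSystemUser is the object class of ISIM system user entries.
isim_filter() {
    printf '%s\n' '(&(objectClass=erSystemUser)(!(erLostPasswordAnswer=*)))'
}

# Read LDIF on stdin and print one eruid per line, sorted and de-duplicated.
# Attribute names are matched case-insensitively; "eruid::" values are base64.
ldif_eruids() {
    while IFS= read -r line; do
        name=$(printf '%s' "${line%%:*}" | tr '[:upper:]' '[:lower:]')
        [ "$name" = "eruid" ] || continue
        value=${line#*:}
        case $value in
            :*) value=${value#:}; value=${value# }
                printf '%s' "$value" | base64 -d; echo ;;
            *)  printf '%s\n' "${value# }" ;;
        esac
    done | sort -u
}

# Run the query. -W prompts for the bind password so it never lands in shell
# history; only eruid is requested, so no answer data leaves the directory.
isim_unanswered() {  # usage: isim_unanswered <tenant> <suffix>
    ldapsearch -x -LLL -o ldif-wrap=no -H "$ISIM_URI" -D "$ISIM_BIND_DN" -W \
        -b "$(isim_base "$1" "$2")" -s sub "$(isim_filter)" eruid |
        ldif_eruids
}
```

Source the file and call `isim_unanswered <tenant> <suffix>`; the output is one user ID per line, ready to feed into a notification job.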


Product Synonym

ITIM ISIM TIM SIM

Document Information

Modified date:
16 June 2018

UID

swg21618521