Skip to main content

Example: Configuring batch notification for password expiry

This example shows you how to set up a warning-level password expiry notification.

Requirements

This example assumes that:

  • Bravura Security Fabric and Connector Pack is installed.

  • An Active Directory target system is added as a source of profiles.

  • Password expiry detection is configured.

Set up a batch notification

To set up a warning-level password expiry notification:

  1. Log in to Bravura Security Fabric as superuser.

  2. Click Manage the system > Policies > User notifications > Batch notifications .

  3. Click Add new …

  4. Type:

    • ID PASSWORDEXPIRY

    • Description Notification of pending password expiry

    The notification ID can only contain ASCII characters.

  5. Set the notification Severity to Warning.

  6. Set the Plugin to run to determine compliance to Password expiry.

  7. Select the radio button for Maximum number of messages to send per user and type 2 in the adjacent field.

  8. Click Add.

    Bravura Security Fabric warns you that the compliance plugin requires configuration.

    password-expiry-notification
  9. Click the configure icon 3332.png next to the Plugin to determine compliance field.

  10. Configure parameters for password expiry:

    • Set the required Number of days before expiry that the user will be notified to 10,5,3,2,1 .

    • In the Only calculate password expiry for accounts on these target systems field, select the Active Directory system set up in Example: Detect soon-to-expire passwords.

  11. Click Update.

    password-expiry-plugin
  12. Navigate to the Batch notification information page for the PASSWORDEXPIRY notification.

    You can click the General tab or use the breadcrumb links.

  13. Configure the plugin responsible for delivering reminders.

    1. Click the configure icon 3332.png next to the Plugin to run to deliver compliance reminder field.

    2. Enter the following:

      Mail subject Your password will expire in %DAYS% days.

      Mail message

      Dear %USERNAME%,
      Your password will expire in %DAYS% days.
      Please visit the link below to change your password.
      http://bravura-pass.example.com
      Sincerely, Support Desk Manager
  14. Click Update.

    password-expiry-email
  15. Navigate to the Batch notification information page for the PASSWORDEXPIRY notification.

    You can click the General tab or use the breadcrumb links.

  16. Schedule the notification:

    1. Click the Schedule tab.

    2. Next to Days to run this job, select Only on weekdays.

    3. Enter 13:00 in the Time to run field.

    4. Click Add.

    password-expiry-schedule

You have now configured Bravura Security Fabric to notify users that their password will expire on Active Directory in 10, 5, 3, 2 and 1 days.