Example: Configuring batch notification for password expiry
This example shows you how to set up a warning-level password expiry notification.
Requirements
This example assumes that:
Bravura Security Fabric and Connector Pack is installed.
An Active Directory target system is added as a source of profiles.
Password expiry detection is configured.
Set up a batch notification
To set up a warning-level password expiry notification:
Log in to Bravura Security Fabric as superuser.
Click Manage the system > Policies > User notifications > Batch notifications .
Click Add new …
Type:
ID PASSWORDEXPIRY
Description Notification of pending password expiry
The notification ID can only contain ASCII characters.
Set the notification Severity to
Warning
.Set the Plugin to run to determine compliance to
Password expiry
.Select the radio button for Maximum number of messages to send per user and type
2
in the adjacent field.Click Add.
Bravura Security Fabric warns you that the compliance plugin requires configuration.
Click the configure icon
next to the Plugin to determine compliance field.
Configure parameters for password expiry:
Set the required Number of days before expiry that the user will be notified to 10,5,3,2,1 .
In the Only calculate password expiry for accounts on these target systems field, select the Active Directory system set up in Example: Detect soon-to-expire passwords.
Click Update.
Navigate to the Batch notification information page for the PASSWORDEXPIRY notification.
You can click the General tab or use the breadcrumb links.
Configure the plugin responsible for delivering reminders.
Click the configure icon
next to the Plugin to run to deliver compliance reminder field.
Enter the following:
Mail subject
Your password will expire in %DAYS% days
.Mail message
Dear %USERNAME%, Your password will expire in %DAYS% days. Please visit the link below to change your password. http://bravura-pass.example.com Sincerely, Support Desk Manager
Click Update.
Navigate to the Batch notification information page for the PASSWORDEXPIRY notification.
You can click the General tab or use the breadcrumb links.
Schedule the notification:
Click the Schedule tab.
Next to Days to run this job, select
Only on weekdays
.Enter
13:00
in the Time to run field.Click Add.
You have now configured Bravura Security Fabric to notify users that their password will expire on Active Directory in 10, 5, 3, 2 and 1 days.