!!![User Application|http://www.novell.com/documentation/idm/index.html?page=/documentation/idm/agpro/data/bookinfo.html]
Novell provides the [User Application|http://www.novell.com/documentation/idm/index.html?page=/documentation/idm/agpro/data/bookinfo.html] with their IDM 3.x product purchase. The "User Application", terrible name, but it provides functionality that will cover most peoples requirements with only the effort of installing and configuration. The application runs on JBOSS (engine provided with the product, or the applications can be installed on WEBSphere. [http://www.novell.com/products/identitymanager/password.html]

There are two versions of the "User Application":
* Basic [User Application] comes with IDM 
* [Role Based Provisioning Module] (RBPM), includes work-flow management is available for extra cost.

Password Management is available within both versions.

If you are not happy with the functions or appearance of the User Application, Novell has exposed a WSDL in the Role Based Provisioning Module (RBPM) for you to still access the [User Application Web Service]


!!![PWM |http://code.google.com/p/pwm/|target='_blank']
A servlet and JSP application that will work with the Universal Password Policy and provides lots of configuration options. Utilizes formatting via css and is flexible.

[PWM |http://code.google.com/p/pwm/|target='_blank'] has a much improved layout in the latest builds.

The [PWM Admin Guide|http://pwm.googlecode.com/svn/trunk/pwm/supplemental/PWMAdministrationGuide.pdf|target='_blank']


We have used the [PWM |http://code.google.com/p/pwm/|target='_blank'] application and it will work well for most operations.

!!Limitations and Anomalies
There are a couple of minor limitation in PWM that we have discovered. However, to help prevent you from having to do the research or find out the hard-way, we will provide you what we found.

!NMAS responses
PWM is only able to utilize existing stored NMAS responses for forgotten passwords when Novell UserApp (RBPM) is available. PWM utilizes web services available in IDM UserApp to validate user responses. This feature is optional. If UserApp is not available, PWM will use it’s own saved challenge/responses for user response validation.

As a note, the LDIF files provided, which set make schema modifications, create a proxy user and set the basic ACLs, are well written and are excellent to use for a guideline. You will need to do at least minor modifications to the files for your particular implementation.

If these items are not an issue for you, we recommend you use PWM!


!! Demo Sites
There is a [PWM public demo site.|http://pwmdemo.weisberg.net/|target='_blank']

We have an [older demo site for PWM that might be working.|PWM Demo|target='_blank']

!! Support
Open Source and only support is through User forums or [we can probably help if you need it.|mailto:info@ldapwiki.com?subject=Comment from ldapwiki for PWM]

!!![Automated Password Self Service]
We were been asked by several companies create [Automated Password Self Service] to reduce their help desk calls that were based on password changes and password reset requests.

!!! [Migrating NIS Passwords To Universal Password|Migrating Passwords To UniversalPassword]
Objective was [to eliminate NIS|Migrating Passwords To UniversalPassword] with as little impact to users as possible.

!!![Client Login Extension|Client Login Extension]
The [Client Login Extension for Novell® Identity Manager|Client Login Extension] 3.5.1 and later facilitates password self-service by adding a link to the Novell and Microsoft* GINA login clients.

!!! [Password Flow From Active Directory to eDirectory]
Just some notes on the [Password Flow From Active Directory to eDirectory]


!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]