I am using WSO2 APIM 3.2.0 and WSO2 IS 5.11.0.
Is there a way to enable the admin (super_admin) non lock feature?
i.e. even if n attempts of wrong password is used for the admin account login, the admin account should not be locked.
These are the only configurations I could observe for super_admin which is mentioned in the below link
https://is.docs.wso2.com/en/latest/setup/configuring-the-system-administrator/
Is this possible through deployment.toml file or other configuration?
You can assign the Internal/system role to any user to avoid that user getting locked.
But need to keep in mind that this will allow brute-forcing the super admin password. Therefore, the super admin username should be an uncommon one.
Related
In wso2IS 5.11 how can we onboard user without password during self registration. I tried to disable the validation in self registration page it didn't worked. Is there any way in which we can onboard user without using password.
WSO2 identity server self-registration pages do not support passwordless self-registration. However, you can implement that via a custom page. The following link will help you.
lite user registration: https://is.docs.wso2.com/en/latest/learn/lite-user-registration/
But if you want you can do self-registration without account locking.
I am using the .NET API to provision user accounts. I am having a problem when trying to update a user who has delegated admin privileges as a member of one of the builtin admin roles such as the "Password Reset Role". If I remove them from the role the account is updated successfully. When a member, I cannot update orgUnitPath, givenName, or familyName. I am able to update the custom attributes that have been added.
Anyone know if this a bug or feature? I am using version 1.36.1.1335 of the Google.Apis.Admin.Directory.directory_v1.dll library.
I have setup WSO2 EMM with a Read-only LDAP as the user store..
I have gotten the user authentication to work, and if I create roles like subscriber, store or store-admin in the LDAP, that works as well..
But I would like to change the names of the roles, as they are a little too generic.. how do I that??
For the admin role, it can be done in: wso2emm-2.0.1/repository/conf/user-mgt.xml, by changing the:
admin
to something else... but I can't find this for the other roles...
Thanks
With respect to WSo2 API Manager Store, I have 2 tenants created in Management Console.
I am able to view those tenants in Store but expect carbon tenant, other users doesnt have an option Signup.
I tried this link too but its not working. https://docs.wso2.com/display/AM1100/Customizing+the+API+Store
Can anyone guide me please?
By default, self sign up is disabled for tenants AFAIK. You can enable this by following the below steps.
Login to management console as tenant admin
Go to the registry browser which can be found in the left menu.
Traverse to /_system/governance/apimgt/applicationdata/sign-up-config.xml file.
Change to true.
After that, go to the api store and you should see the sign up button.
Does anyone know if the Admin SDK / Email Settings API has changed recently? Previously we were able to delegate a user account for a user that was disabled, this is no longer that case.
Thanks