Hi Guys,
It seems everyone have valid points from their ends.
Since this is a problem at the context of identity management and secure
enrollment, shall we take this discussion specially to PrabathS as well?
Adding PrabathS to the discussion...
Regards,
Dilan.
*Dilan U. Ariyaratne*
Guys,
I'm planning to do the $Subject.
Right now we ourselves have implemented a functionality where an email is
triggered upon creating users. However, this particular functionality
appears to be already there with a much better implementation as part of IS
components. What it does is,
Hi Prabath,
That sounds ok to me. But will it break the end-user experience since the
users have to login to MDM console and then to enroll the device instead of
directly enrolling the device (2 MDM logins vs 1 login)?
Thanks,
Lakshitha Harshan
Software Engineer
Mobile: *+94724423048*
Email:
Hi guys,
The usual approach will work fine for normal web application scenarios
where the user is invited to the web app. But our scenario is specific
where the user mainly uses the account to enroll the device. The problem
Harshan mention is critical if we follow the proposed approach.
How about
Hi all,
If it is configurable whether to use the 'ask user for password or admin
assign it(auto generated) it would be ideal.
Regards,
Inosh
On Wed, Jun 10, 2015 at 10:46 AM, Dulitha Wijewantha duli...@wso2.com
wrote:
Hi guys,
The usual approach will work fine for normal web application
Yeah. +1 for configurable feature.
Lakshitha Harshan
Software Engineer
Mobile: *+94724423048*
Email: hars...@wso2.com
Blog : http://harshanliyanage.blogspot.com/
*WSO2, Inc. :** wso2.com http://wso2.com/*
lean.enterprise.middleware.
On Wed, Jun 10, 2015 at 10:48 AM, Inosh Perera ino...@wso2.com
-1 for configurable feature. This could potentially open up a security
hole. Also since this is not something that's going to vary based on the
customer (enrollment is a general use case) - I believe we should choose a
method.
On Wed, Jun 10, 2015 at 11:06 AM, Harshan Liyanage hars...@wso2.com
+1. @Harshan-I think what Prabath mentions is just end user changing the
password if required. So it's not necessarily 2 times. Anyway it's the
similar approach we had in 1.1.0. And I don't see an alternative to this
method. So I think we better do this.
On Wed, Jun 10, 2015 at 5:43 AM, Harshan
+1. I think we should do this because user should have the freedom to
choose the password under some kind of password policy.
On Wed, Jun 10, 2015 at 9:59 AM, Kasun Dananjaya Delgolla kas...@wso2.com
wrote:
+1. @Harshan-I think what Prabath mentions is just end user changing the
password if