Is there any way to allow a user sufficient access to change his/her password in Adagio without giving access to changing everyone's passowrds?

As far as I can tell, once a user has access to the User Setup menu, he/she can make changes to anyone's password.

Hello PwC,

If you are implementing password security, then users should not have the ability to change their password, since a central authority needs to control and administer them. Also, Users cannot have access to the User menu choice as they could change their Group assignment.

Actually, it is pretty common practice to allow a user to change his/her own password. They should not, of course, be allowed to change any of the rights that come with their username. Certainly they should not be able to change other people's passwords. ("You buy lunch and I'll tell you what I changed your password to." )

Some systems, including Windows Server and Novell, allow the administrator (SYS in Adagio terms), to set such things as:

- permission for user to change password,
- expiry of passwords (monthly, for example) or not,
- whether a previous password can be reused,
- minimum standards for passwords (legth, etc.).

Usually, even the administrator cannot read the user's password, but can reset or change it.

Hi, Ralph,

Yes. I believe what you're looking for is something, perhaps within a Tools or Maintenance menu in a module, that enables the user to change 'only' their own password (not any access selections)and only upon reverifying what their password currently is.

This is something that might be more possible in the future when a System Manager can be implemented. I can forward to R&D for you.

All of the suggestions you have re: password change, expiry, field level security and such might be implemented more readily within a System Manager.

As Andrew says, this is currently not the way Security is set up within Adagio. Currently, you will want to have security more centralized in all aspects.