If you are working with year groups that have a fixed password policy or syncronising from another user database you might want to prevent users from changing their Google password.
You can do this by redirecting users to custom information page rather than the standard Google 'change password" dialog, therefore effectively blocking the action.
Log into your admin console with admin rights.
Navigate to SECURITY -> Setup SSO
In the change password URL text box, put in a URL to an information page you want displayed instead of the password change dialog. Do not check in the option for Setup SSO with a third party identify provider,
Now when a user goes into their Google account to change their password they are redirected your information page. If you have a change password dialog advertised by your onsite ADFS server that makes quite a nice solution.
A couple of issues you need to be aware of.
This can only be set for all non-admin users in the organisation. There is no method for setting it for just a sub-set of users.
Also don't test this using an account with Google admin rights as they're not affected by the SSO config.
You can do this by redirecting users to custom information page rather than the standard Google 'change password" dialog, therefore effectively blocking the action.
Log into your admin console with admin rights.
Navigate to SECURITY -> Setup SSO
In the change password URL text box, put in a URL to an information page you want displayed instead of the password change dialog. Do not check in the option for Setup SSO with a third party identify provider,
Now when a user goes into their Google account to change their password they are redirected your information page. If you have a change password dialog advertised by your onsite ADFS server that makes quite a nice solution.
A couple of issues you need to be aware of.
This can only be set for all non-admin users in the organisation. There is no method for setting it for just a sub-set of users.
Also don't test this using an account with Google admin rights as they're not affected by the SSO config.
No comments:
Post a Comment