Super Contributor.

Bidirectional eDir driver, not able to sync password through publisher channel

I have two eDir servers. I am trying to migrate a user with password from the remote to the source eDir (where Bidirectional eDirectory is running).

For this I have configured the Bidirectional eDirectory driver in the source eDir and set all attributes in the driver filter to ignore for the subscriber channel. In this driver I am using a non-secure connection and the password sync type is "Sync Distribution Password".

When I use the "Migrate into Identity Vault" option of the driver through iManager, the user is successfully synced into the source eDir without the password; the password was not coming through in the driver log.

In both eDir servers, we have configured the same password policy and assigned that policy to the user container, with the settings "Enable Universal Password" and "Synchronize Distribution Password when setting Universal Password" set to "true".

I have attached the driver's trace, filters and password policy screenshot. Please help me with this.

Do we really need the IDM Engine in the remote eDir to sync passwords from remote to source? In my setup we have the IDM Engine on both servers.

In both eDir we have installed IDM 4.7.3.0 and eDir 9.1.4.

3 Replies
Super Contributor.

Can anyone help with this?
Knowledge Partner

"using non-secure connection"

That's likely to be the problem. Try it with a secure connection.
Super Contributor.

I have made the changes below and now I am getting an info message in my driver's log: "[08/21/20 13:32:39.467]:Bi-directional eDirectory ST:Bi-directional eDirectory: INFO : Filtering out universal password operation, because it is not supported with selected password sync version. Modify the driver parameter if you wish to change."

1. Configured a Filtered Replica in the remote eDir using iManager and added CN, Surname, nspmDistributionPassword, nspmPasswordKey inside the User class.

2. Checked the "Allow admin to retrieve password" checkbox in the password policy in the remote eDir, inside the Universal Password Retrieval section.

3. In the remote eDir, Modify Trustees ==> selected the User container ==> added the admin user as a trustee and assigned all rights including Supervisor.

I have attached my driver full log.
