adnowak Absent Member.
Absent Member.
298 views

Password Synchronization from AD to IDM


Hi,

I want to synchronize password from Active Directory to IDM.
The synchronization works well, but it works like when admin change the
password to the user. The user has to change the password, with Grace
Login = 5.

There is a configuration in an Active Directory driver to synchronize
password like when a user change it?
I see an option in the Password Policy, "Do not expire the user's
password when the administrator sets the password". There is the same
option only for a driver?

Thanks,


--
adnowak
------------------------------------------------------------------------
adnowak's Profile: http://forums.novell.com/member.php?userid=112383
View this thread: http://forums.novell.com/showthread.php?t=448731

Labels (1)
0 Likes
1 Reply
Knowledge Partner
Knowledge Partner

Re: Password Synchronization from AD to IDM

On 11/25/2011 12:56 PM, adnowak wrote:
>
> Hi,
>
> I want to synchronize password from Active Directory to IDM.
> The synchronization works well, but it works like when admin change the
> password to the user. The user has to change the password, with Grace
> Login = 5.
>
> There is a configuration in an Active Directory driver to synchronize
> password like when a user change it?
> I see an option in the Password Policy, "Do not expire the user's
> password when the administrator sets the password". There is the same
> option only for a driver?


Are you using Universal Password/Distribution Password? My guess is,
you are not, and are syncing to the NDS password, and EVERY change of
that through the driver looks like an admin reset of the password.

In Designer, look at your driver, right click on the link line, Password
Sync, and look at the GCV's there. Should be using Distribution Password.

nspmDistributionPassword needs to be in the filter Sub-Notify only.
(Technically this is just for Sub channel syncing, and if you are only
doing Pub channel then this is not entirely needed).

If you sync to DP, which the password policy syncs to UP, which the
users then use to login to eDir, then the password change by the driver
looks like a user change.

0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.