[midPoint] AD password question

Ivan Noris ivan.noris at evolveum.com
Wed Aug 31 12:17:10 CEST 2016 

Unfortunately, weak mapping for password will probably not work, at
least not with the connectors, which are not fetching the current
password from the remote system (which is also the case for AD .NET
connector).

As the connector does not return the current value, it is considered
"empty" and the mapping will still be evaluated when the password change
occurs in midPoint user (even with the weak strength).


I will try to find another solution (except of what already Roman
provided) in my spare time and report back.


Regards,

Ivan


On 08/31/2016 11:21 AM, Michal Štekláč wrote:
>
> Hi,
>
>
> Try to set strength to weak
>
> ...
>
> <credentials>
>     <password>
>         <outbound>
>             <strength>weak</strength>
>         </outbound>
>     </password>
> </credentials>
>
> ....
>
> On
> https://wiki.evolveum.com/display/midPoint/Mapping#Mapping-MappingStrength
> page you will find a description for the setting attribute Strength.
>
>
> Regards,
>
> MiSo
>
>
> On 31.08.2016 10:52, Aivo Kuhlberg wrote:
>>
>> Hi,
>> I am using midPoint 3.4 with .NET AD connector and here are my
>> current schemaHandling password settings for AD connector:
>>
>>
>>          <credentials>
>>             <password>
>>                <outbound/>
>>             </password>
>>          </credentials>
>>
>>
>> These settings means that AD user password changes every time when it
>> is changed in midPoint.
>> I do not want to manage AD users passwords at the moment with
>> midPoint but I still want to set AD user password in situation when
>> midPoint creates a new AD account. In all other sync situations AD
>> password should not be changed. How should I implement that?
>>
>> Thanks,
>> Aivo Kuhlberg
>>
>>
>> ------------------------------------------------------------------------
>> Käesolev e-kiri võib sisaldada asutusesiseseks kasutamiseks
>> tunnistatud teavet.
>> This e-mail may contain information which is classified for official
>> use.
>>
>> __________ Information from ESET Mail Security, version of virus
>> signature database 14045 (20160831) __________
>>
>> The message was checked by ESET Mail Security.
>> http://www.eset.com
>>
>>
>> _______________________________________________
>> midPoint mailing list
>> midPoint at lists.evolveum.com
>> http://lists.evolveum.com/mailman/listinfo/midpoint
>
>
>
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com
> http://lists.evolveum.com/mailman/listinfo/midpoint

-- 
Ivan Noris
Senior Identity Engineer
evolveum.com

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20160831/72d3229c/attachment.htm>

More information about the midPoint mailing list