[midPoint] AD password question

Michal Štekláč michal_steklac at datalan.sk
Wed Aug 31 12:49:15 CEST 2016


Hi,

my mistake, sorry. I use it in Active Directory (LDAP) connector in 
which it works.

Regards
MiSo


On 31.08.2016 12:17, Ivan Noris wrote:
>
> Unfortunately, weak mapping for password will probably not work, at 
> least not with the connectors, which are not fetching the current 
> password from the remote system (which is also the case for AD .NET 
> connector).
>
> As the connector does not return the current value, it is considered 
> "empty" and the mapping will still be evaluated when the password 
> change occurs in midPoint user (even with the weak strength).
>
>
> I will try to find another solution (except of what already Roman 
> provided) in my spare time and report back.
>
>
> Regards,
>
> Ivan
>
>
> On 08/31/2016 11:21 AM, Michal Štekláč wrote:
>>
>> Hi,
>>
>>
>> Try to set strength to weak
>>
>> ...
>>
>> <credentials>
>>     <password>
>>         <outbound>
>>             <strength>weak</strength>
>>         </outbound>
>>     </password>
>> </credentials>
>>
>> ....
>>
>> On 
>> https://wiki.evolveum.com/display/midPoint/Mapping#Mapping-MappingStrength 
>> page you will find a description for the setting attribute Strength.
>>
>>
>> Regards,
>>
>> MiSo
>>
>>
>> On 31.08.2016 10:52, Aivo Kuhlberg wrote:
>>>
>>> Hi,
>>> I am using midPoint 3.4 with .NET AD connector and here are my 
>>> current schemaHandling password settings for AD connector:
>>>
>>>
>>>          <credentials>
>>> <password>
>>> <outbound/>
>>> </password>
>>> </credentials>
>>>
>>>
>>> These settings means that AD user password changes every time when 
>>> it is changed in midPoint.
>>> I do not want to manage AD users passwords at the moment with 
>>> midPoint but I still want to set AD user password in situation when 
>>> midPoint creates a new AD account. In all other sync situations AD 
>>> password should not be changed. How should I implement that?
>>>
>>> Thanks,
>>> Aivo Kuhlberg
>>>
>>>
>>> ------------------------------------------------------------------------
>>> Käesolev e-kiri võib sisaldada asutusesiseseks kasutamiseks 
>>> tunnistatud teavet.
>>> This e-mail may contain information which is classified for official 
>>> use.
>>>
>>> __________ Information from ESET Mail Security, version of virus 
>>> signature database 14045 (20160831) __________
>>>
>>> The message was checked by ESET Mail Security.
>>> http://www.eset.com
>>>
>>>
>>> _______________________________________________
>>> midPoint mailing list
>>> midPoint at lists.evolveum.com
>>> http://lists.evolveum.com/mailman/listinfo/midpoint
>>
>>
>>
>> _______________________________________________
>> midPoint mailing list
>> midPoint at lists.evolveum.com
>> http://lists.evolveum.com/mailman/listinfo/midpoint
>
> -- 
> Ivan Noris
> Senior Identity Engineer
> evolveum.com
>
>
> __________ Information from ESET Mail Security, version of virus 
> signature database 14046 (20160831) __________
>
> The message was checked by ESET Mail Security.
> http://www.eset.com
>
>
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com
> http://lists.evolveum.com/mailman/listinfo/midpoint

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20160831/3f25b6e9/attachment.htm>


More information about the midPoint mailing list