[midPoint] Password two-way updating from AD
Rod Holman
rholman at oaisd.org
Wed Jun 9 20:07:59 CEST 2021
Hi All,
We have been able to set up attribute updating for both inbound and outbound, but can it also be setup for passwords? I have one attribute listed below that we use with Active Directory that allows us to change it in AD or Midpoint. We are trying to do the same thing with the password, allow it to be updated in either midpoint or Active Directory and sync it with any other system the user is attached to. When we update the password in Active Directory it doesn't update to the same password in Midpoint, but it removes the password completely. I'm pretty sure it's because Active Directory has it encrypted. Is there a way to do this? Thanks in advance for any help with this.
<attribute id="104">
<c:ref xmlns:ri="http://midpoint.evolveum.com/xml/ns/public/resource/instance-3">ri:mail</c:ref>
<tolerant>false</tolerant>
<exclusiveStrong>false</exclusiveStrong>
<outbound>
<strength>normal</strength>
<source>
<c:path>emailAddress</c:path>
</source>
</outbound>
<inbound id="117">
<strength>strong</strength>
<target>
<c:path>emailAddress</c:path>
</target>
</inbound>
</attribute>
<password xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3" xsi:type="c:ResourcePasswordDefinitionType">
<outbound>
<authoritative>false</authoritative>
<exclusive>false</exclusive>
<strength>normal</strength>
</outbound>
<inbound>
<authoritative>false</authoritative>
<exclusive>false</exclusive>
<strength>strong</strength>
</inbound>
</password>
Thanks,
Rod Holman
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20210609/3d27f069/attachment.htm>
More information about the midPoint
mailing list