0
Answered
Test setting initial password and enabling account
Adam van Vliet 9 years ago
in UNIFYBroker/Microsoft Active Directory
•
updated by anonymous 9 years ago •
3
Test to confirm that Identity Broker for Microsoft Active Directory is capable of provisioning users in an enabled state. A few things we know:
- SSL must be enabled in AD and on the connection;
- The password must meet the complexity requirements;
- User userAccountControl to enable the account;
- If using unicodePwd there are some prerequisites for the format of the password (enclosed in quotes and base64 encoded);
Other:
- Is anything logged in AD/Windows event log that can help diagnose?
- Can the traffic be traced?
- Is there another password field that gets the outcome without having to use unicodePwd?
- Do we have to change the connector to make this easier?
Customer support service by UserEcho
Notes for future reference:
IDBAD v4.1 and v5 connectors now support set password (sync and async respectively), and both support adding unicodePwd to the schema which can be exported to set password on adds
Created account with password set. Was able to successfully login using account.