Saviynt unveils its cutting-edge Intelligence Suite products to revolutionize Identity Security!
Click HERE to see how Saviynt Intelligence is transforming the industry.
Saviynt Copilot Icon

How to get temporary password for AD account on user enable.

Community_User
Saviynt Employee
Saviynt Employee
Originally posted on April 30 2021 at 07:08 UTC

Hi Team,

We are using SSM V5.5SP3. We have below queries related to password.

Scenario:-

1. We want to reset AD account password to Temporary password on user enable.

2. This temporary password we want to capture in email notification.

Is there anyway to capture this?

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.
1 REPLY 1

Community_User
Saviynt Employee
Saviynt Employee
Originally posted on April 30 2021 at 15:28 UTC

Hi Dhanashree,


Documentation below mentions how to set a new password when enabling an AD account :

https://saviynt.freshdesk.com/support/solutions/articles/43000615764-active-directory-ad-connector-g...

To set it as temporary, you can use the below block, to include in your ENABLEACCOUNTJSON :

"AFTERMOVEACTIONS": { "userAccountControl": "512", "userPassword": "${randomPassword}", "pwdLastSet": "0" }

Where randomPassword is the password generated according to the settings in your connector, and pwdLastSet forces the user to reset its password.


You can catch that ${randomPassword} as a variable in the email notification that will be triggered when "Enable Account" task will be completed (set up in Endpoint)

image


Hope this helps.

Regards.




This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.