Saviynt Forums

Community_User · ‎04/12/2022

Originally posted on April 30 2021 at 07:08 UTC

Hi Team,

We are using SSM V5.5SP3. We have below queries related to password.

Scenario:-

1. We want to reset AD account password to Temporary password on user enable.

2. This temporary password we want to capture in email notification.

Is there anyway to capture this?

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.

Community_User · ‎04/12/2022

Originally posted on April 30 2021 at 15:28 UTC

Hi Dhanashree,

Documentation below mentions how to set a new password when enabling an AD account :

https://saviynt.freshdesk.com/support/solutions/articles/43000615764-active-directory-ad-connector-g...

To set it as temporary, you can use the below block, to include in your ENABLEACCOUNTJSON :

"AFTERMOVEACTIONS": { "userAccountControl": "512", "userPassword": "${randomPassword}", "pwdLastSet": "0" }

Where randomPassword is the password generated according to the settings in your connector, and pwdLastSet forces the user to reset its password.

You can catch that ${randomPassword} as a variable in the email notification that will be triggered when "Enable Account" task will be completed (set up in Endpoint)

Hope this helps.

Regards.

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.

Saviynt Forums

How to get temporary password for AD account on user enable.