Click HERE to see how Saviynt Intelligence is transforming the industry. |
09/11/2024 05:14 AM
In the document “Configuring Password Synchronization from Active Directory” in SavPwFilter.json the endpoints where the password change needs to be propagated to needs to be specified. Whenever I change a password in windows I can see the change propagating to saviynt in the logs, but the user object does not appear to be updated (at least the "update history" tab on the user shows no password change event and the account "last password change" remains unchanged). What endpoint do I need to specify to also change the password within Saviynt itself ? |
09/11/2024 05:18 AM
Please share json file
‼️‼️⚠️Keep company-specific private information masked on public forums, such as the name and URL.⚠️‼️‼️
Refer https://forums.saviynt.com/t5/help/faqpage/title/WhenNotifyAboutPII
09/11/2024 06:07 AM
{
"saviynt": {
"baseUrl": "https://xxx.saviyntcloud.com/ECM",
"userName": "SVC-SaviyntPwFilter",
"password": "xxxxx",
"EnabledVersion": "v5",
"v2": {
"getUserUrl": "/ws/rest/getUser",
"notificationUrl": "/ws/rest/changePassword"
},
"v5": {
"getUserUrl": "/api/v5/getUser",
"notificationUrl": "/api/v5/changePassword",
"oauthUrl": "/api/login",
"oauthRefreshUrl": "/oauth/access_token"
},
"correlation": "username",
"validateagainstpolicy": "N",
"endpoints": "<LDAP endpoint>",
"sourceEndpoint": "<windows domain endpoint>",
"retry": 3,
"timeout": 60,
"delay": 5,
"queueDelayCheck": 1,
"sendModifierInfo": true
},
"policy": {
"enabled": false,
"enforce": "local",
"local": {
"regCheck": 1,
"regString": "^.{8,127}$_(.*[a-z].*)_(.*[A-Z].*)_(.*[0-9].*)_(.*\\p{Punct}.*)_Space.0_ConsecutiveAllowed.2",
"excludePasswordMatchingAttrs": "sAMAccountName,cn,name,givenName,displayName,sn,title,userPrincipalName",
"passwordAttrsTimeout":10,
"UserDataCheck": 0,
"dictionaryCheck": 1,
"dictionaryFile": "dict\\Dictionary.bin"
},
"remote": {
"urlCheck": 0,
"policyUrl": "https://xxx.saviyntcloud.com/ECM/PolicyCheck"
}
},
"notification": {
"enabled": true
},
"log": {
"logfile": "log\\SavPwFilter.log",
"loglevel": 5,
"logsize": 10,
"backuplogfile": 5,
"verbose": 0
}
}