Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.

Password generated to create AD account does not work for authenticating user in AD

yusufw
New Contributor III
New Contributor III
In a New Hire Employee use case:
After Saviynt creates the AD account, Saviynt will send an email to the user's manager with the AD password included. Currently, when I try to authenticate the user using the password, it does not work. 
 
How can we configure Saviynt so that the password used (AD connector's randomPassword) to create the AD account is the same password that the user can use to authenticate into AD.
 
Here's some of the configuration so far:
AD CreateAccountJSON
CreateAccountJSON.png
I have also tried setting userPassword but it didn't work. 
 
When the New Account task completes, an email is sent. The email body has a ${account_password} in it. 
 
On the AD server, I am verifying that I can authenticate using the ldp tool (an ldap client), where I specify the user credential and password. 
 
 
2 REPLIES 2

armaanzahir
Valued Contributor
Valued Contributor

Hi @yusufw ,

 

Please try removing your unicodePwd mapping in your provisioning json altogether and set the below connection parameters only.

armaanzahir_0-1691347850365.png

 

This setting would implicitly set the password and associate it with the task, and on completion is referenceable in the task completion templates that are configured at the endpoint level. (${task.password})

Thanks,

Armaan

Regards,
Md Armaan Zahir

rushikeshvartak
All-Star
All-Star

Are you using password policy at security system level or connection level ?


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.