and more in a single search tool across platforms. Read the announcement here. |
11/15/2023 09:41 AM
Hi team,
We have a requirement to reset the password of an AD account of the user when we enable back an already disabled AD account. The below is our enable account json:
{
"MOVEDN": "NO",
"REMOVEGROUPS": "NO",
"USEDNFROMACCOUNT": "YES",
"RESETPASSWORD":"YES",
"userAccountControl": "512"
}
Once the account is enabled, the password is getting reset because we are unable to login with the initial credentials( the password that was created when we created the account initially). But if we try to login with the new credentials , we see a message that user has to reset the password before logging in. We have set pwdLastSet to -1 in RESETANDCHANGEPASSWRDJSON. But after a recon, we have noticed that pwdLastSet is still 0 for the account. Is there anything we are missing here? Below is RESETANDCHANGEPASSWRDJSON:
{
"RESET":{
"pwdLastSet":"-1"
},
"CHANGE":{
"pwdLastSet":"-1",
"lockoutTime":0}
}
11/21/2023 07:43 AM
Hello @tbhavya,
Can you try to pass the value under "ATTRIBUTESTOCHECK".
For Ref: https://docs.saviyntcloud.com/bundle/AD-v23x/page/Content/Configuring-the-Integration-for-Provisioni...
Thanks.