Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.

Random Password Generation on Enable

umang28
Regular Contributor
Regular Contributor

Hello,

We are using random password generation on ENABLEACCOUNTJSON in the AD connection:

"userPassword":"${randomPassword}"

The issue here is that there are cases when the password generated is ridiculously long something like -*?-*^)@12!DF?!7--*?-*^)12!JW?!2--*?-*^)14!JW?!2-

Is there a way we could generate a random password within 9 chars of length or matching to the password policy configured in the endpoint? In the logs I do see it is picking up the password policy but taking all null in the parameters which should not be the case.

2024-04-25 17:30:44,007 [quartzScheduler_Worker-1] DEBUG ldap.SaviyntGroovyLdapService - enable Account - T-xxx
2024-04-25 17:30:44,007 [quartzScheduler_Worker-1] DEBUG services.SaviyntCommonUtilityService - password policyRule: xxx Password Policy
2024-04-25 17:30:44,007 [quartzScheduler_Worker-1] DEBUG services.SaviyntCommonUtilityService - MinLenPwd : null maxLenPwd : null noOfCAPSAlpha : null noOfSplChars : null noOfDigits : null
2024-04-25 17:30:44,008 [quartzScheduler_Worker-1] DEBUG services.SaviyntCommonUtilityService - policyRule : xxxx Password Policy

Thanks,

Umang

6 REPLIES 6

rushikeshvartak
All-Star
All-Star
  • Create new password policy under Admin [Provide your password requirements]

rushikeshvartak_0-1714098309490.png

 

  • Attach password policy to Security System
  • rushikeshvartak_1-1714098372309.png

     


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

Hello rushikeshvartak,

That was already in place and in the logs showed it did pick up the password policy but taking all properties as null value 

2024-04-26 13:38:24,727 [quartzScheduler_Worker-4] DEBUG services.SaviyntCommonUtilityService - password policyRule: xxxx Password Policy
2024-04-26 13:38:24,727 [quartzScheduler_Worker-4] DEBUG services.SaviyntCommonUtilityService - MinLenPwd : null maxLenPwd : null noOfCAPSAlpha : null noOfSplChars : null noOfDigits : null
2024-04-26 13:38:24,727 [quartzScheduler_Worker-4] DEBUG services.SaviyntCommonUtilityService - policyRule : xxxx Password Policy

umang28_0-1714138918692.png

umang28_1-1714138974404.png

Thanks,

Umang

@umang28 : Can you apply password policy at connection level as well and check again. There is an issue we came across in older version in some scenarios it is looking at connection level policy instead of what is attached in Security System. So try to set below and see if that works

sk_0-1714140546324.png

 


Regards,
Saathvik
If this reply answered your question, please Accept As Solution and give Kudos to help others facing similar issue.

umang28
Regular Contributor
Regular Contributor

Found the issue was with the Regex. If the Regex expression is not defined then it is picking up the actual properties defined in the password policy. 

Thanks,

Umang

@umang28 : Yes that is also true


Regards,
Saathvik
If this reply answered your question, please Accept As Solution and give Kudos to help others facing similar issue.

Your password policy scope is USER it should be APPLICATION


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.