Saviynt unveils its cutting-edge Intelligence Suite products to revolutionize Identity Security!
Click HERE to see how Saviynt Intelligence is transforming the industry.
Saviynt Copilot Icon

Store encrypted password in AD

NID27
Regular Contributor
Regular Contributor

Hello,

We have configs when user is created in saviynt, it creates an AD account for the user. It also sets the userpassword attribute in AD. Below is the json.  Is it possible that the encrpted password is stored because it displaying the password as it is.

 

{"samaccountname":"${user.systemUserName}","cn":"${cn}","givenName":"${user.firstname}","extensionattribute11":"${user.systemUserName}","extensionattribute10":"${user.customproperty14}","sn":"${user.lastname}","company":"${user.companyname}","pwdLastSet":"0","manager":"${user.customproperty39}","userPassword":"SamplePass24!","description":"${user.title}","displayName":"${user.firstname} ${user.lastname}","c":"${user.customproperty15}","streetAddress":"${user.street}","St":"${user.state}","L":"${user.city}",
"postalCode":"${user.customproperty44}","co":"${user.customproperty16}","countryCode":"${user.customproperty17}","objectclass":["top","person","organizationalPerson","user"]}

 

Thanks

Nidhi Sharma

 

4 REPLIES 4

rushikeshvartak
All-Star
All-Star
  • Encrypted in saviynt?
  • if yes then use ${randomPassword}

Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

NID27
Regular Contributor
Regular Contributor

Hi Rushi,

It should be encrypted while storing the password in AD. We do not want to generate a random password.

Thanks

Nidhi 

You need to use ldaps connection and

 

{
"samaccountname": "${user.systemUserName}",
"cn": "${cn}",
"givenName": "${user.firstname}",
"extensionattribute11": "${user.systemUserName}",
"extensionattribute10": "${user.customproperty14}",
"sn": "${user.lastname}",
"company": "${user.companyname}",
"pwdLastSet": "0",
"manager": "${user.customproperty39}",
"password": "SamplePass24!",
"description": "${user.title}",
"displayName": "${user.firstname} ${user.lastname}",
"c": "${user.customproperty15}",
"streetAddress": "${user.street}",
"St": "${user.state}",
"L": "${user.city}",
"postalCode": "${user.customproperty44}",
"co": "${user.customproperty16}",
"countryCode": "${user.customproperty17}",
"objectclass": [
"top",
"person",
"organizationalPerson",
"user"
]
}


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

NM
Honored Contributor III
Honored Contributor III

Hi @NID27 , use password instead of userpassword.


If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'