Click HERE to see how Saviynt Intelligence is transforming the industry. |
05/30/2024 03:05 AM
Hello,
we need to implement the following scenario: Saviynt is integrated with two different Directory Services (Windows AD and Oracle OUD, both LDAP-based) and the accounts for the users are provisioned on both systems. The need is to have the same password for the two accounts in the two LDAP systems belonging to the same user/person.
Saviynt cannot push the same password across two different target systems and, in order to sync the two passwords, the only way is to ask the user perform the reset password twice and to input the same password for the two systems.
We are developing a custom WebService (REST API based, configured with a Saviynt REST connector) that intercept the manual input password and propagate it to the LDAP directories but the client don't want custom programs that write to the target systems.
For this reason we are thinking about a slightly different solution: the custom WS will only intercept the user password and then it will trigger a job inside Saviynt via an API call to let Saviynt run the workflow for writing the password on both target systems: is this new solution achievable?
I can provide diagrams to show the overall flow or other details if needed.
Thank you.
05/30/2024 03:20 AM
@AndreaG ,
You can utilize Password synchronization feature.
Refer below document:
05/30/2024 03:41 AM
@pmahalle Thanks for the prompt reply.
We are discussing this internally since there are issues with installing additional software components into the domain controllers.
Furthermore it looks this solution does not address the password sync with Oracle Unified Directory but just in Active Directory: could you please confirm that?
05/30/2024 04:08 AM
Hi @AndreaG ,
We use this solution with Open DJ directory long back in one of the older Saviynt version, so ideally it should work with OUD as well but confirm with Saviynt once.
05/30/2024 05:49 AM
Can you share high level process
05/30/2024 06:05 AM
hope this helps.
Thank you.
06/04/2024 08:10 AM
Hi @AndreaG
If the requirement is to send same password to multiple accounts like AD account, OUD account for the same user.
You can do it at the time of reset password request itself from Saviynt by selecting multiple accounts together like below.
Regards,
Dhruv Sharma