This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Unable to login to AD after Change Password is performed on AD Account

Harish_Yara
New Contributor III
New Contributor III

‎01/22/2023 10:35 PM

Hi Team,

We have changed password for user AD account using Change Password task and captured that password from email template from Saviynt, after changing the pwd tried to login with the changed password but it is not working (Giving password incorrect).  

Note: We have created custom password policy(matching with AD password policy) and configured at Security System level.

Is there anything that we need to validate from Saviynt end to fix this issue? 

@rushikeshvartak 

Thanks,

Harish

Labels:
0 Kudos
11 REPLIES 11

rushikeshvartak
All-Star
All-Star

‎01/23/2023 04:12 AM

Did you configured that after password changed user need to change password on first time login?


Regards,
Rushikesh Vartak
0 Kudos

Harish_Yara
New Contributor III
New Contributor III
In response to rushikeshvartak

‎01/23/2023 05:15 AM

No in AD user need to change password on first time login is not checked. still getting incorrect pwd.

@rushikeshvartak 

0 Kudos

rushikeshvartak
All-Star
All-Star
In response to Harish_Yara

‎01/23/2023 05:29 AM

share JSON


Regards,
Rushikesh Vartak
0 Kudos

Harish_Yara
New Contributor III
New Contributor III
In response to rushikeshvartak

‎01/24/2023 02:29 AM

Hi @rushikeshvartak ,

I changed AD account password with LDAP code and password is changed, also able to login with that password to office account, then i tried with Saviynt by triggering Change Password task, password change is not happening for that AD account is there any config that needs to be added before firing Change Password Task?

Thanks,

Harish

0 Kudos

rushikeshvartak
All-Star
All-Star
In response to Harish_Yara

‎01/24/2023 01:06 PM

I need json for same


Regards,
Rushikesh Vartak
0 Kudos

Harish_Yara
New Contributor III
New Contributor III
In response to rushikeshvartak

‎01/25/2023 04:29 AM

HI @rushikeshvartak , We tried with pwdLastset=-1 and pwdLastset=0 in CREATEACCOUNTJSON bothways. I am able to login with Initial password that Saviynt generates after AD account creation and but the business requirement is to send the AD account credentials at the end of joiner process in order to achieve this we have created password policy and configured this pwd policy at security system level  and triggering Change Password task using update rule, but the Change Password functionality is not working (password is not changed for AD account). 

Thanks,

Harish

0 Kudos

rushikeshvartak
All-Star
All-Star
In response to Harish_Yara

‎01/25/2023 04:40 AM

How change password task is created ?


Regards,
Rushikesh Vartak
0 Kudos

Harish_Yara
New Contributor III
New Contributor III
In response to rushikeshvartak

‎01/26/2023 07:03 AM

In user update rule I configured Change Password task for required Endpoint @rushikeshvartak

0 Kudos

Harish_Yara
New Contributor III
New Contributor III
In response to rushikeshvartak

‎02/04/2023 03:30 AM

@rushikeshvartak  - Sorry I couldn't catch you. Can you please repeat the question again?

0 Kudos

Harish_Yara
New Contributor III
New Contributor III

‎02/04/2023 03:43 AM

@rushikeshvartak  - source value for Change Password task in ars table is - "PROVRULE"

Harish_Yara_0-1675511004568.png

 

0 Kudos
Copyright © 2023 Khoros, LLC