Identity Manager Community

Forum Custom rule for Password Policy in V8.0.1

State Verified Answer
Locked Locked
Replies 6 replies
Subscribers 93 subscribers
Views 3880 views
Users 0 members are here

Options

Related

This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Custom rule for Password Policy in V8.0.1

mustapha.gaies over 5 years ago

Hello,

I've got a specific rule I would like to implement in one of my Password Policies.

So far, I generate a random password 2 caracter long with one lowercase caracter and one numeric caracter ; xy. I would like the final result to be xxxxyyyy, to do so I'm using a custom script as suggested by the documentation https://support.oneidentity.com/technical-documents/identity-manager/8.0.1/administration-guide-for-connecting-to-active-directory/12#TOPIC-911002 .

I can't manage to output a longer password than the input. I get an error no matter what, even for a script as simple as :

Public Sub CCC_PwdGenerate(ByVal policy As PasswordPolicy, ByVal spwd As SecureString)
spwd.AppendChar(CChar("@"))
End Sub

Is is allowed to generate a password longer than the input? What is the easiest way to do it?

Thanks guys,

Mustapha

Top Replies

Markus Weiss-Ehlers over 5 years ago in reply to mustapha.gaies +1 verified

It is not allowed to generate a password that is longer than the MaxLen. If you just append a character of a random password generated with MaxLen you will not succeed.

0 Markus Weiss-Ehlers over 5 years ago

If would be easier for the community to help you if you would post the error message in addition.
Cancel
Up 0 Down

Cancel
0 mustapha.gaies over 5 years ago in reply to Markus Weiss-Ehlers

Hello Markus,

Here is the error message from the manager when generating a sample password :

Regards,

Mustapha
Cancel
Up 0 Down

Cancel
0 Markus Weiss-Ehlers over 5 years ago in reply to mustapha.gaies

Does your generated password adhere to your configured password rules? (MinLen, MaxLen, ...)
Cancel
Up 0 Down

Cancel
0 mustapha.gaies over 5 years ago in reply to Markus Weiss-Ehlers

Not really.

If I set MinLen and MaxLen to large numbers, I don't get the error anymore but the generated password doesn't fit the rules. The generared password is always a random string, 9 caracter long with the extra caracter '@' which I'm appending in the custom script.
Cancel
Up 0 Down

Cancel
+1 Markus Weiss-Ehlers over 5 years ago in reply to mustapha.gaies

It is not allowed to generate a password that is longer than the MaxLen. If you just append a character of a random password generated with MaxLen you will not succeed.
Cancel
Up +1 Down

Cancel
0 mustapha.gaies over 5 years ago in reply to Markus Weiss-Ehlers

You are perfectly right, this is the main reason why I couldn't get my script to work.

Thank you.
Cancel
Up 0 Down

Cancel