Passing an already encrypted password to AD user creation via Account Definiton

Use Case: A new user registers an account and chooses a password in an outside system as we are sent this information via REST. A person record is then created. Then after approval an account definition is assigned and the AD user is created. 

Problem: I am unable to pass the already encrypted password from Person.UserDialogPassword column to the ADSAccount.UserPassword in a manner that successfully allows login. 

I have tried a few different routes and I've found that if I pass an unencrypted string the user will create as expect and work but if I pass the already existing password it will not. I suspect the job server is not decrpyting the password on insert and instead is using the encrypted string as the password directly. 

Current setup: 

I have modified the <process> Process, Create account step to pull the DialogUserPassword field from the Person record as a parameter for the insert process. It is marked as encrypted. That value is being passed as the encrypted string and the account does get created but the account will get a username/password failure when you attempt to log in. 

Any advice on how I can accomplish this, or what I am doing wrong?

Thanks, 

-Aaron

Parents Reply Children
No Data