Azure AD password not set

Hello,

In Azure AD synch project we try to  push the creation of Azure AD accounts. We have some persons in IAM with empty password (CentralPassword=null).

When the provisionning is launched for them, it fails with this error : The value of 'Password' on 'Azure Active Directory user account' did not match the password policy restrictions of 'One Identity Manager password policy'.

We effectively set up some password policies to prevent provisionning with null or empty password in different target systems.

But in the case of Azure AD, we would like to bypass this by setting a default password for Azure AD Account if   (CentralPassword=null).

I have set up this the AADUser Table , "Password" colomn where in 'Value calculation' , we did this: 

If String.IsNullOrEmpty($FK(UID_Person).CentralPassword$) Then
value = "Default_pass34$)"
End If

But it still fails with the same error : The value of 'Password' on 'Azure Active Directory user account' did not match the password policy restrictions of 'One Identity Manager password policy'.

I can't see what is missing..

How could we force to set up default password in this case ?

Thnx

Parents
  • Hello Markus,

    Thank you

    Version used is 8.1.1

    Yes we have a password policy for Azure Ad in OiM. When i test the password Default_pass34$ it passes..

    I have deactivated the password policy for OIM and for Central Password..

     

    Now it fails at the provisionning : 

     

    1777124] Error executing projection step (User) of projection configuration (Provisioning (Provisioning)).
    [1777219] Error executing synchronization step (User)!
    [1777004] Method (Insert (Insert)) could not be executed successfully.
    [System.Exception] [Exception]: ServiceException occured
    Code: Request_BadRequest
    Message: A password must be specified to create a new user.
    [ServiceException]: Code: Request_BadRequest - Message: A password must be specified to create a new user.

    Even I have set up this the AADUser Table , "Password" coloumn where in 'Value calculation' : 

    If String.IsNullOrEmpty($FK(UID_Person).CentralPassword$) Then
    value = "Default_pass34$)"
    End If

    The Account is created in table AADUser but the field Password is null.

    Other field take the value calculation into account but not the Password field, why?

    It is the ad-hoc projection workflow.

     

    Thnx

Reply
  • Hello Markus,

    Thank you

    Version used is 8.1.1

    Yes we have a password policy for Azure Ad in OiM. When i test the password Default_pass34$ it passes..

    I have deactivated the password policy for OIM and for Central Password..

     

    Now it fails at the provisionning : 

     

    1777124] Error executing projection step (User) of projection configuration (Provisioning (Provisioning)).
    [1777219] Error executing synchronization step (User)!
    [1777004] Method (Insert (Insert)) could not be executed successfully.
    [System.Exception] [Exception]: ServiceException occured
    Code: Request_BadRequest
    Message: A password must be specified to create a new user.
    [ServiceException]: Code: Request_BadRequest - Message: A password must be specified to create a new user.

    Even I have set up this the AADUser Table , "Password" coloumn where in 'Value calculation' : 

    If String.IsNullOrEmpty($FK(UID_Person).CentralPassword$) Then
    value = "Default_pass34$)"
    End If

    The Account is created in table AADUser but the field Password is null.

    Other field take the value calculation into account but not the Password field, why?

    It is the ad-hoc projection workflow.

     

    Thnx

Children