Hello everyone,
We want to force to change password on ISAM LDAP account.
I read that this can be done through "ShadowLastChange" parameter on LDAP accounts, but I don't see this parameter on Target System.
Can you help me?
Thanks,
Giuseppe
Hello everyone,
We want to force to change password on ISAM LDAP account.
I read that this can be done through "ShadowLastChange" parameter on LDAP accounts, but I don't see this parameter on Target System.
Can you help me?
Thanks,
Giuseppe
Hi, Giuseppe,
First of all, do your ldap server support that attribute? If it does not , you should contact your isam ldap support in order to find out how to force a password change.
If it does, then make sure:
HtH!
Hi Juan Carlos,
Yes this parameter is present on the target system, but from the LDAP connector that I've created I can't see it from Target System view.
If I use "Browse" button to see all the parameter into Target System I can't see "ShadowLastChange" parameter but the customer can see it on his LDAP system.
Do I add this parameter to the schema in someway?
Thanks,
Giusepppe
Hi,
Yes, please have a look at the documentation that I've included on my first post:
and for mappings: https://support.oneidentity.com/es-es/technical-documents/identity-manager/9.2/target-system-synchronization-reference-guide/13#TOPIC-2079370
Update the target system schema first hand, just in case the attribute could be found prior to adding it manually. Also the user connecting to your target system must have permissions to access it.
Eventualy, if this fails and this force change is a one time operation, something you would like to run on a scheduled basics and not tied to other processes , instead of a sync project, you might consider running a script that connects to your server via powershell or other, and makes the changes. You'll need some insight on your ldap server, api and related.
Regards!
It might be an obvious one but to you reload the schema on the LDAP connector?
Hi Markus,
Do you mean with update schema on the Target System?
yes
I've tried to use update schema but I still don't see the pwdReset parameter
Is this property coming from an auxillary class?
I check and on the LDAP connector we can't find all the table that our customer sees on LDAP. I've just try with "Update schema", but it doesn't solve the problem. How can I add the other table to see if "pwdParameter" comes from that table?