Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Last revision Both sides next revision | ||
devel:documentation:adm:uniform_password [2021/03/23 14:05] svandav [Uniform password for new accounts] |
devel:documentation:adm:uniform_password [2021/04/06 12:42] svandav [How can be this feature enabled?] |
||
---|---|---|---|
Line 1: | Line 1: | ||
====== Uniform password for new accounts ====== | ====== Uniform password for new accounts ====== | ||
{{tag> | {{tag> | ||
+ | (since IdM version **11.0.0**) | ||
+ | |||
The main goal of a uniform password for new accounts is to ensure that new identities will have the same password in newly created accounts. | The main goal of a uniform password for new accounts is to ensure that new identities will have the same password in newly created accounts. | ||
Line 15: | Line 17: | ||
===== How can be this feature enabled? ===== | ===== How can be this feature enabled? ===== | ||
- | This feature is enabled by default (since IdM version | + | **To ensure the same password** for all new identity accounts created during synchronization, |
+ | |||
+ | <note tip> | ||
This feature is active only during contract sync and for contracts where a identity state is changed: | This feature is active only during contract sync and for contracts where a identity state is changed: | ||
Line 22: | Line 26: | ||
* **to** state: **Valid** or **Future contract**. | * **to** state: **Valid** or **Future contract**. | ||
+ | |||
+ | {{ : | ||
+ | |||
+ | {{ : | ||
<note tip> | <note tip> | ||
+ | |||
+ | ===== How to change password also in IdM? ===== | ||
+ | |||
+ | For use same uniform password on systems and **in the IdM**, you have to enable this feature by the checkbox **" | ||
+ | |||
+ | {{ : | ||
===== How this feature works? ===== | ===== How this feature works? ===== | ||
Line 34: | Line 48: | ||
- After the recalculation of HR processes is completed, the recalculation of automatic roles will start. Automatic roles will be assigned to contracts and account management will begin, starting the account creation process. | - After the recalculation of HR processes is completed, the recalculation of automatic roles will start. Automatic roles will be assigned to contracts and account management will begin, starting the account creation process. | ||
- As part of the account creation, it will be detected that there is an **entity state** for the given identity with the code `IDENTITY_UNIFORM_PASSWORD`. In this case, the account will **not generate a new password, but will use the password from the given entity state**. | - As part of the account creation, it will be detected that there is an **entity state** for the given identity with the code `IDENTITY_UNIFORM_PASSWORD`. In this case, the account will **not generate a new password, but will use the password from the given entity state**. | ||
+ | - Once the account is created, the `ProvisioningUniformPasswordNotificationProcessor` will ensure that the **system name** is added to the entity state. This system name will then be used in the final **notification**. | ||
- **After the end of the whole transaction** (the end of all connected events), the LRT will be notified, ensuring the synchronization of the end. The LRT begins the **uniform password end process** (**uniformPasswordManager.endUniformPasswordProcess(transactionId)**). Ie. that it sends a **notification** (to the topic `TOPIC_UNIFORM_PASSWORD_SET`) to all identities for which an entity state has been created within the given transaction, | - **After the end of the whole transaction** (the end of all connected events), the LRT will be notified, ensuring the synchronization of the end. The LRT begins the **uniform password end process** (**uniformPasswordManager.endUniformPasswordProcess(transactionId)**). Ie. that it sends a **notification** (to the topic `TOPIC_UNIFORM_PASSWORD_SET`) to all identities for which an entity state has been created within the given transaction, | ||
- After all notification is sent will be **all entity states** with code `IDENTITY_UNIFORM_PASSWORD` and created in given transaction **deleted**. | - After all notification is sent will be **all entity states** with code `IDENTITY_UNIFORM_PASSWORD` and created in given transaction **deleted**. | ||
===== Future improvements ===== | ===== Future improvements ===== | ||
- | <note tip >The manually created delegation definition should be deleted after deleting | + | <note tip >**Support |
- | <note tip >After reassigning the task, also send a notification | + | |
===== Limitations ===== | ===== Limitations ===== | ||
- | <note important> | + | <note important> |
+ | **The uniform password feature works only under one transaction ID.** It means you have to use recalculation | ||
</ | </ | ||
- | |||
- | <note important> | ||
- | |||
- | <note important> | ||
===== Main guide ===== | ===== Main guide ===== | ||
- | * [[..:delegation|]] | + | * [[..:uniform_password|]] |