Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
tutorial:adm:manage_ad [2021/06/14 08:07] 127.0.0.1 external edit |
tutorial:adm:manage_ad [2021/06/25 06:32] soval [Forced password change] |
||
---|---|---|---|
Line 1: | Line 1: | ||
====== Systems - AD: Manage users ====== | ====== Systems - AD: Manage users ====== | ||
- | |||
===== Introduction ===== | ===== Introduction ===== | ||
This tutorial will show you how to connect AD as a target system for users (their accounts) from CzechIdM. We will use an AD bundle connector from ConnId. | This tutorial will show you how to connect AD as a target system for users (their accounts) from CzechIdM. We will use an AD bundle connector from ConnId. | ||
Line 7: | Line 6: | ||
===== Before you start ===== | ===== Before you start ===== | ||
- | |||
==== Adding Active Directory connector ==== | ==== Adding Active Directory connector ==== | ||
- | |||
Since CzechIdM 9.2, the [[https:// | Since CzechIdM 9.2, the [[https:// | ||
Line 168: | Line 165: | ||
* Attribute with password - true | * Attribute with password - true | ||
+ | ==== Forced password change (User must change password at next logon) ==== | ||
+ | When mapping AD attributes, it is sometimes useful to be able to set a forced password change option. This requirement is often set for two different cases: | ||
+ | |||
+ | * We need to change the password when logging into AD **for a new user account** | ||
+ | * We need to force a password change but **only after a password reset** | ||
+ | |||
+ | 1/ To force a password change for newly created users, map the **" | ||
+ | |||
+ | |||
+ | 2/ If we need to force password change every time password is reset, map attribute pwdLastSet too, but **with checkbox " | ||
+ | |||
+ | {{: | ||
===== Role for AD ===== | ===== Role for AD ===== | ||
Line 261: | Line 270: | ||
The value of this property must be a proper URL, e.g. ''< | The value of this property must be a proper URL, e.g. ''< | ||
+ | |||
===== Video Guide ===== | ===== Video Guide ===== | ||
[[https:// | [[https:// |