Create New Password Sync Adapter Wizard: Options


Specify options for the new Password Sync Adapter.

Use thisTo do this
EnabledDetermines whether the adapter is enabled.
Receive password changes from adapterDetermines whether the adapter is allowed to receive external password changes. Default is not selected.
Verify old passwordDetermines whether the adapter will verify the old password when an external password change is received. If this option is selected then with an external password change the external adapter must supply the old external password as well as the new external password. The old external password is then compared with the existing external password in the Enterprise Single Sign-On (SSO) database for that external account. If they match, the password change is accepted. If they do not match, the password change is rejected. Default is selected.
Change Windows passwordDetermines whether the Windows password in Active Directory will also be changed when an external password change is received (full sync). Default is not selected.
Send Windows password changes to adapterDetermines whether Windows password changes made in Active Directory will be sent to the external adapter. Default is not selected.
Send old password to adapterIf selected, the old password value (from the SSO database) will also be sent to the external adapter as well as the new password value. Some external systems might require both the old and new password values to change the password. Default is not selected.
Allow mapping conflictsDetermines whether the adapter will allow mapping conflicts.

A mapping conflict occurs when mappings are not unique. In a single SSO Individual application, mappings are always one-to-one: one Windows account is mapped to exactly one external account and vice versa.

However, it is possible to assign more than one application to an adapter. Thus, it is possible to have a mapping in one application that conflicts with a mapping in the other.

This purpose of this option is to prevent this from occurring. It is more secure to not allow mapping conflicts unless there is a specific, well understood requirement for this behavior.

Default is not selected.

Implementing Enterprise Single Sign-On

Community Additions