Reset eDirectory and Microsoft AD user password at the same time


hkxf...@gmail.com

Sep 18, 2012, 6:23:40 AM
to pwm-g...@googlegroups.com
Hi all,

Our client has both Novell eDirectory and Microsoft AD on Windows 2003. If a user wants to reset the password, they need to reset it 2 times. All users have identical usernames. I wonder if PWM allows resetting both passwords one by one with a single interface?

Menno Pieters

Sep 18, 2012, 6:32:20 AM
to pwm-g...@googlegroups.com
On Tue, Sep 18, 2012 at 12:23 PM, <hkxf...@gmail.com> wrote:
> Hi all,
>
> Our client has both Novell eDirectory and Microsoft AD on Windows 2003. If a user wants to reset the password, they need to reset it 2 times. All users have identical usernames. I wonder if PWM allows resetting both passwords one by one with a single interface?

Out of the box no, but I have two suggestions:
  • Use a provisioning engine that synchronizes passwords from one directory to the other. This would be the best option, not just for passwords, but for all account management options. Both commercial and open source solutions exist.
  • Create a custom module for PWM to set the password on a second system after the first has been provisioned (advanced option). This would be just a workaround and without any guarantee. PWM will not retry or present an error if the custom module fails.
Regards,

Menno
 

--
You received this message because you are subscribed to the Google Groups "pwm-general" group.
To post to this group, send email to pwm-g...@googlegroups.com.
To unsubscribe from this group, send email to pwm-general...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msg/pwm-general/-/Z6HWzla729kJ.
For more options, visit https://groups.google.com/groups/opt_out.



hkxf...@gmail.com

Sep 18, 2012, 8:47:47 AM
to pwm-g...@googlegroups.com
Hi Menno,

Thanks for your reply. Could you suggest what kind of open source solution could synchronize the password from one to the other?
Secondly, is the "custom module for PWM" written in Java?

thanks!!

On Tuesday, September 18, 2012 at 6:32:41 PM UTC+8, Menno wrote:

Menno Pieters

Sep 18, 2012, 8:57:44 AM
to pwm-g...@googlegroups.com
On Tue, Sep 18, 2012 at 2:47 PM, <hkxf...@gmail.com> wrote:
> Hi Menno,
>
> Thanks for your reply. Could you suggest what kind of open source solution could synchronize the password from one to the other?
> Secondly, is the "custom module for PWM" written in Java?

Yes, you need to write a class that implements the interface password.pwm.ExternalChangeMethod. You need to include that in your classpath and let it write the password to the other system (in your case either eDir or AD).

Regards,

Menno


user.admi...@psd150.org

Sep 19, 2012, 3:36:19 PM
to pwm-g...@googlegroups.com, hkxf...@gmail.com
On Tuesday, September 18, 2012 5:23:40 AM UTC-5, (unknown) wrote:
> Hi all,
>
> Our client has both Novell eDirectory and Microsoft AD on Windows 2003. If a user wants to reset the password, they need to reset it 2 times. All users have identical usernames. I wonder if PWM allows resetting both passwords one by one with a single interface?

We're doing something similar - we have Novell eDirectory and need it to also change a Microsoft Office365 password. You can do the custom Java code as Menno describes, or you can also use the external REST change method - if you have any Microsoft web developers on staff, they can create a simple web service (.asmx file) for this. The client enters their new username/password into PWM, and if it is successful, the username and new password can be passed to the web service, which can then do whatever. In our case, we're writing a text file to a secured location, which is polled regularly, so that PowerShell can run the password change script for the Microsoft Office365 password.

Either way is work, but if you don't know Java, you can also use the web service option.
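
The polling side of the drop-file approach described in the post above, as an added example (not code from any participant in this thread or from PWM). Because PWM will not retry a failed secondary change, as noted earlier in the thread, the poller does the retrying and deletes the plaintext once a request is finished or abandoned. The `user<TAB>password` file layout, the `.req` and `.attempts` names and the `$ChangeAction` callback are assumptions.

```powershell
# Added example: file layout, file names and $ChangeAction are assumptions.
function Invoke-PasswordSpool {
    param(
        [Parameter(Mandatory)] [string] $SpoolDir,
        [Parameter(Mandatory)] [scriptblock] $ChangeAction,
        [int] $MaxAttempts = 5
    )
    $ErrorActionPreference = 'Stop'   # make cmdlet errors reach the catch block
    $requests = Get-ChildItem -LiteralPath $SpoolDir -File | Where-Object { $_.Extension -eq '.req' }
    foreach ($file in $requests) {
        $user = $null; $password = $null
        $counter  = "$($file.FullName).attempts"
        $attempts = 1
        if (Test-Path -LiteralPath $counter) {
            $attempts = [int](Get-Content -LiteralPath $counter -TotalCount 1) + 1
        }
        $status = 'Retry'
        try {
            $line = Get-Content -LiteralPath $file.FullName -TotalCount 1
            $user, $password = $line -split "`t", 2
            if (-not $user -or -not $password) { throw 'malformed request file' }
            & $ChangeAction $user $password | Out-Null
            $status = 'Changed'
        }
        catch {
            # Log the account and the reason only, never the password.
            Write-Warning "Sync failed for '$user' (attempt $attempts): $($_.Exception.Message)"
            if ($attempts -ge $MaxAttempts) { $status = 'GaveUp' }
        }
        if ($status -eq 'Retry') {
            Set-Content -LiteralPath $counter -Value $attempts
        }
        else {
            # Changed or abandoned: the plaintext must not stay on disk.
            Remove-Item -LiteralPath $file.FullName -Force
            Remove-Item -LiteralPath $counter -Force -ErrorAction SilentlyContinue
        }
        [pscustomobject]@{ User = $user; Status = $status; Attempt = $attempts }
    }
}

# Constructed demo: throwaway spool, stand-in callback that must throw on failure.
$spool = Join-Path ([IO.Path]::GetTempPath()) 'pwm-spool-demo'
New-Item -ItemType Directory -Path $spool -Force | Out-Null
Set-Content -LiteralPath (Join-Path $spool 'jdoe.req') -Value "jdoe`tExample-Passw0rd"
Invoke-PasswordSpool -SpoolDir $spool -ChangeAction {
    param($User, $Password)
    if ($User -ne 'jdoe') { throw 'unknown account' }
}
```

The spool directory's ACL should grant access only to the account that writes the requests and the account that runs the poller; a `GaveUp` result means the two passwords are out of sync and someone has to follow up.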

Matt Weisberg

Sep 19, 2012, 10:18:12 PM
to pwm-g...@googlegroups.com, hkxf...@gmail.com

If you own NetIQ Identity Manager and the IdM Scripting Driver, this works nicely for syncing to Office 365 as well. Then you get real-time, event-driven provisioning and password sync to Office 365.

Matt

--------
Matt Weisberg
Weisberg Consulting, Inc.


chan...@gmail.com

Nov 30, 2013, 10:20:09 AM
to pwm-g...@googlegroups.com, hkxf...@gmail.com, user.admi...@psd150.org

Hi there,

could someone share more of the following?
I would like to change MS AD and Office365 pw via PWM

Matt Weisberg

Dec 1, 2013, 7:38:33 AM
to pwm-g...@googlegroups.com, hkxf...@gmail.com, user.admi...@psd150.org

Another option, albeit not free, is NetIQ Identity Manager. Identity
Manager has an Office 365 driver that can sync passwords from eDirectory
to Office 365 as well as to AD.

Matt


--
-----
Matt Weisberg
Weisberg Consulting, Inc.
ma...@weisberg.net
www.weisberg.net
ofc. 248.685.1970
cell 248.705.1950
fax 248.769.5963



>>> On 11/30/2013 at 10:20 AM, in message <ec0e2f93-42ec-4630...@googlegroups.com>, <chan...@gmail.com> wrote:
>
> Hi there,
>
> could someone share more of the following?
> I would like to change MS AD and Office365 pw via PWM
>
> "if you have any Microsoft web developers on staff, they can create a simple web service (.asmx file) for this. The client enters their new username/password into PWM, and if it is successful, the username and new password can be passed to the web service, which can then do whatever. In our case, we're writing a text file to a secured location, which is polled regularly, so that PowerShell can run the password change script for the Microsoft Office365 password"