Chat now with support
Chat mit Support

Identity Manager 8.1.3 - Administration Guide for Connecting to LDAP

Managing LDAP environments Synchronizing LDAP directories
Setting up initial LDAP directory synchronization Customizing the synchronization configuration Executing synchronization Tasks after a synchronization Troubleshooting
Basic configuration data LDAP domains LDAP user accounts LDAP groups LDAP container structures LDAP computers Reports about LDAP objects Configuration parameters for managing an LDAP environment Default project template for LDAP Generic LDAP connector settings

Generating passwords with a script

You can implement a generating script if additional policies need to be used for generating a random password, which cannot be mapped with the available settings.

Syntax for generating script

Public Sub CCC_PwdGenerate( policy As VI.DB.Passwords.PasswordPolicy, spwd As System.Security.SecureString)

With parameters:

policy = password policy object

spwd = generated password

TIP: To use a base object, take the Entity property of the PasswordPolicy class.
Example for a script to generate a password

The script replaces the ? and ! characters at the beginning of random passwords with _.

Public Sub CCC_PwdGenerate( policy As VI.DB.Passwords.PasswordPolicy, spwd As System.Security.SecureString)

Dim pwd = spwd.ToInsecureArray()

' replace invalid characters at first position

If pwd.Length>0

If pwd(0)="?" Or pwd(0)="!"

spwd.SetAt(0, CChar("_"))

End If

End If

End Sub

To use a custom script for generating a password

  1. In the Designer, create your script in the Script Library category.
  2. Edit the password policy.
    1. In the Manager, select the LDAP | Basic configuration data | Password policies category.

    2. In the result list, select the password policy.
    3. Select the Change master data task.
    4. On the Scripts tab, enter the name of the script to be used to generate a password in the Generating script field.
    5. Save the changes.
Related topics

Password exclusion list

You can add words to a list of restricted terms to prohibit them from being used in passwords.

NOTE: The restricted list applies globally to all password policies.

To add a term to the restricted list

  1. In the Designer, select the Base Data | Security settings | Restricted passwords category.

  2. Create a new entry with the Object | New menu item and enter the term you want to exclude from the list.
  3. Save the changes.

Checking a password

When you check a password, all the password policy settings, custom scripts, and the restricted passwords are taken into account.

To check if a password conforms to the password policy

  1. In the Manager, select the LDAP | Basic configuration data | Password policies category.

  2. Select the password policy in the result list.
  3. Select the Change master data task.
  4. Select the Test tab.
  5. Select the table and object to be tested in Base object for test.
  6. Enter a password in Enter password to test.

    A display next to the password shows whether it is valid or not.

Testing password generation

When you generate a password, all the password policy settings, custom scripts and the restricted passwords are taken into account.

To generate a password that conforms to the password policy

  1. In the Manager, select the LDAP | Basic configuration data | Password policies category.

  2. In the result list, select the password policy.
  3. Select the Change master data task.
  4. Select the Test tab.
  5. Click Generate.

    This generates and displays a password.

Verwandte Dokumente