Identity Manager 8.0.1 - Administration Guide for Connecting to Active Directory

Managing Active Directory Environments Setting up Active Directory Synchronization Base Data for Managing Active Directory Active Directory Domains Active Directory User Accounts Active Directory Contacts Active Directory groups Active Directory Security IDs Active Directory Container Structures Active Directory computer Active Directory Printers Active Directory Locations Reports about Active Directory Objects Appendix: Configuration Parameters for Managing Active Directory Appendix: Default Project Template for Active Directory Appendix: Authentication Modules for Logging into the One Identity Manager

Script for Generating a Password

Script for Generating a Password

You can implement a generating script if additional policies need to be used for generating a random password, which cannot be mapped with the available settings.

Syntax for Generating Script

Public Sub CCC_PwdGenerate( policy As VI.DB.Passwords.PasswordPolicy, spwd As System.Security.SecureString)

With parameters:

policy = password policy object

spwd = generated password

TIP: To use a base object, take the property Entity of the PasswordPolicy class.
Example for a script to generate a password

The script replaces the invalid characters '?' and '!' in random passwords.

Public Sub CCC_PwdGenerate( policy As VI.DB.Passwords.PasswordPolicy, spwd As System.Security.SecureString)

Dim pwd = spwd.ToInsecureArray()

' replace invalid characters at first position

If pwd.Length>0

If pwd(0)="?" Or pwd(0)="!"

spwd.SetAt(0, CChar("_"))

End If

End If

End Sub

To use a custom script for generating a password

  1. Create your script in the category Script Library in the Designer.
  2. Edit the password policy.
    1. Select the category Active Directory | Basic configuration data | Password policies in the Manager.

    2. Select the password policy in the result list.
    3. Select Change master data in the task view.
    4. Enter the name of the script to generate a password in Generation script on the Scripts tab.
    5. Save the changes.
Related Topics

Restricted Passwords

Restricted Passwords

You can add words to a list of restricted terms to prohibit them from being used in passwords.

NOTE: The restricted list applies globally to all password policies.

To add a term to the restricted list

  1. Select the category Base Data | Security Settings | Restricted passwords in the Designer.

  2. Create a new entry with the menu item Object | New an enter the term to excluded to the list.
  3. Save the changes.

Testing a Password

Testing a Password

When you test a password, all the password policy settings, custom scripts and the restricted passwords are taken into account.

To test whether a password conforms to the password policy

  1. Select the category Active Directory | Basic configuration data | Password policies in the Manager.

  2. Select the password policy in the result list.
  3. Select Change master data in the task view.
  4. Select the Test tab.
  5. Select the table and object to be tested in Base object for test.
  6. Enter a password in Enter password to test.

    A display next to the password shows whether it is valid or not.

Testing Generating a Password

Testing Generating a Password

When you generate a password, all the password policy settings, custom scripts and the restricted passwords are taken into account.

To generate a password that conforms to the password policy

  1. Select the category Active Directory | Basic configuration data | Password policies in the Manager.

  2. Select the password policy in the result list.
  3. Select Change master data in the task view.
  4. Select the Test tab.
  5. Click Generate.

    This generates and displays a password.

Related Documents