Chat now with support
Chat with Support

Quick Connect Sync Engine 5.5 - Administrator Guide

One Identity Quick Connect Overview Deploying One Identity Quick Connect Sync Engine Getting started Connections to external data systems Synchronizing identity data Mapping objects Automated password synchronization Synchronization history Scenarios of use Appendices

Step 6: Provide certificate’s thumbprint to Quick Connect Service

Perform the next steps on each computer running the Quick Connect Service that participates in the password sync operations.

To provide the thumbprint to Quick Connect Service

  1. On the computer running the Quick Connect Service, start Group Policy Object Editor, and then connect to the Local Computer Policy Group Policy object.
  2. In the Group Policy Object Editor console, expand the Local Computer Policy node, expand the Computer Configuration node, and select Administrative Templates.
  3. On the Action menu, point to All Tasks, and click Add/Remove Templates.
  4. In the Add/Remove Templates dialog box, click Add, and then use the Policy Templates dialog box to open the PasswordService.adm file that holds the Administrative Template.

    By default, the PasswordService.adm file is stored in <Quick Connect installation folder>\Quick Connect Capture Agent\Administrative Templates

  5. Under Computer Configuration\Administrative Templates\Quick Connect, select Quick Connect Password Service.
  6. In the details pane, double-click Set certificate.
  7. In the Certificate Properties dialog box, open the Set certificate properties tab, select the Enabled option, and then paste the certificate’s thumbprint (the one you copied in Step 4: Copy certificate’s thumbprint) in the Thumbprint text box. When finished, click OK.
  8. For the changes to take effect, refresh the Group Policy settings by running the following command at a command prompt: gpupdate /force

Using PowerShell scripts with password synchronization

Automated password synchronization > Fine-tuning automated password synchronization > Using PowerShell scripts with password synchronization

Optionally, you can configure the One Identity Quick Connect Sync Engine to run your custom PowerShell script before, after, or instead of the password synchronization operation. To do so, create a connection handler. For instructions, see Using connection handlers.

Example of a PowerShell script run after password synchronization

#---- Specify the SMTP Server name in your organization ----
$SmtpServer = "smtpServerName"
$smtp = new-object system.net.mail.smtpClient($SmtpServer)
$mail = new-object System.Net.Mail.MailMessage
# ---- Set the sender mail ----
$mail.From = "yourmail@mydomain.com"
# ---- Set the destination mail ----
$mail.To.Add("Administrator@mydomain.com")
# --- Specify the message subject ----
$mail.Subject = "Password was changed"
# ---- Set the message text ----
$body = "The passwords were synchronized for the following object pair: "
$body = $body + $srcObj.Name + "->" + $dstObj.Name
$mail.Body = $body
# ---- Send mail ----
$smtp.Send($mail)

Description: After the password synchronization is complete, this script sends a notification email message informing the administrator that the specified object password has been modified in the target connected system. The message provides the names of the source Active Directory object and its counterpart in the target connected system.

 

Synchronization history

Synchronization history
Related Documents