立即与支持人员聊天
与支持团队交流

Active Roles Sync Service 8.2 - Administration Guide

Synchronization Service overview Deploying Synchronization Service Deploying Synchronization Service for use with AWS Managed Microsoft AD Getting started Connections to external data systems
External data systems supported with built-in connectors
Working with Active Directory Working with an AD LDS (ADAM) instance Working with Skype for Business Server Working with Oracle Database Working with Oracle Database user accounts Working with Exchange Server Working with Active Roles Working with One Identity Manager Working with a delimited text file Working with Microsoft SQL Server Working with Micro Focus NetIQ Directory Working with Salesforce Working with ServiceNow Working with Oracle Unified Directory Working with an LDAP directory service Working with an OpenLDAP directory service Working with IBM DB2 Working with IBM AS/400 Working with IBM RACF Working with MySQL database Working with an OLE DB-compliant relational database Working with SharePoint Working with Microsoft 365 Working with Microsoft Azure Active Directory Configuring data synchronization with the SCIM Connector Configuring data synchronization with the Generic SCIM Connector
Using connectors installed remotely Creating a connection Renaming a connection Deleting a connection Modifying synchronization scope for a connection Using connection handlers Specifying password synchronization settings for a connection
Synchronizing identity data Mapping objects Automated password synchronization Synchronization history Scenarios of use Developing PowerShell scripts for attribute synchronization rules Using PowerShell script to transform passwords

Uninstalling Capture Agent

You can delete the Active Roles Synchronization Service Capture Agent component with the built-in tools of the operating system.

To uninstall Capture Agent

  1. On the computer where Capture Agent is installed, open the list of installed programs.

  2. In the list of installed programs, select One Identity Active Roles 8.2.0 - Synchronization Service Capture Agent x64 or One Identity Active Roles 8.2.0 - Synchronization Service Capture Agent x86.

  3. To delete Capture Agent, click Uninstall.

  4. Follow the on-screen instructions.

Managing password sync rules

To synchronize passwords from an Active Directory domain to other connected systems, you need to create and configure a password synchronization rule for each target connected system where you want to synchronize passwords.

A password synchronization rule allows you to specify the following:

  • The Active Directory domain you want to be the source for password synchronization operations.

  • The source object type for password synchronization operations (typically, this is the user object type in Active Directory).

  • The target connected system in which you want to synchronize passwords with the source Active Directory domain.

  • The target object type for password synchronization operations.

Optionally, you can configure a password synchronization rule to modify attribute values of the target connected system objects whose passwords are being synchronized.

Creating a password sync rule

To create a password sync rule

  1. In the Synchronization Service Console, open the Password Sync tab.

  2. Click Add password sync rule.

  3. On the Specify source for password sync page, do the following:

    1. In the Source connected system option, specify the Active Directory domain you want to be the source for password synchronization operations. Alternatively, you can select the Active Roles Synchronization Service instance that manages such an Active Roles domain.

    2. In the Connected system object type option, select the object type you want to be the source for password synchronization.

  4. Click Next.

  5. On the Specify target for password sync page, do the following:

    1. In the Target connected system option, specify the target connected system in which you want to synchronize passwords.

    2. In the Connected system object type option, select the object type you want to be the target for password synchronization.

    3. Optionally, you can click Password Sync Settings and then use the following tabs to configure more password sync settings:

      • Password Sync Retry Options: Use this tab to specify how many times you want Synchronization Service to retry the password synchronization operation in the event of a password synchronization failure. You can select one of the following options:

        • Unlimited number of times: Causes Synchronization Service to retry the password synchronization operation until it succeeds.

        • This maximum number of times: Specify the maximum number of times you want Synchronization Service to retry the password synchronization operation.

      • Password Transformation Script: Use this tab to type a PowerShell script that transforms source Active Directory user passwords into object passwords for the target connected system. Use this item if you want the object passwords in the source and target connected systems to be different. If you do not want to transform passwords, leave the text box blank.

      • Rules to Modify Object Attributes: Use this tab to specify rules for modifying attribute values on the target connected system objects. These rules will only apply to the objects on which Synchronization Service modifies passwords in the target connected system.

    4. When you are finished, click OK.

  6. Click Finish to create the password sync rule.

Deleting a password sync rule

To delete a password sync rule

  1. In the Synchronization Service Console, open the Password Sync tab.

  2. Locate the rule you want to delete, and then click Delete this rule below the rule.

相关文档

The document was helpful.

选择评级

I easily found the information I needed.

选择评级