This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

generation of CentralPassword following the default password policy

Hi, is there any way to automatically generate a CentralPassword on the creation of a new person as per th One Identity Manager password policy ? 

 

I can generate a sample password in the designer but I cannot find the script which calculates it. 

 

I looked at UserPassword in the table LDAPAccount but the default template refers to CentralPassword which is empty by default.

Thank you for your help

  • You might wanna check the template on ADSAccount.UserPassword. That should give you all the information you need to adapt this to Person.CentralPassword.
  • As I specified in the post, the ADSAccount.UserPassword uses the $FK(UID_Person).CentralPassword$ so it's a vicious circle

     

    I cannot use the Function  TSB_GetPassword in the CentralPassword template as I don't have all the needed arguments.

  • But now you the script name to generate an initial password. Just take a look at TSB_GetPassword.
  • Ok but I cannot understand the usefulness of all those arguments :

     

    I mean that I don't know what to put in myEntity, ns and centralpwd arguments (i.e. the values)

  • I haven't said you should use the script but you can take a look at the script to see how it is working. It is not meant to be used for the Person.CentralPassword.

    The code parts that are of interest to you are:

    'get valid PwdPolicy for account (in your case person)
    Dim passwordManager = Session.Resolve(Of IPasswordManager)()
    Dim uidPolicy = passwordManager.GetPolicyUidForColumn(myEntity, pwdColumn, True)
    Dim passwordPolicy = passwordManager.GetPolicy(uidPolicy, myEntity, pwdColumn)
    Dim pwd As String = ""
    
    'generate random password 
    pwd = passwordPolicy.CreatePassword(Math.Max(passwordPolicy.MinLen, passwordPolicy.MaxLen)).ToInsecure().ToString()

    Another option is to take a look at the SDK sample "\Modules\QBM\dvd\AddOn\SDK\ScriptSamples\10 Special use cases\01 Checking and creating passwords with password policies.vb" of your product delivery.

    The script SDK_IPasswordManager_CreatePassword should help you to achieve what you want.

     
  • thank you very much for your help, I reached what I wanted :)