nulli

Blog

HI + IM = Nulli

Nulli experts share their Human Information + Identity Management knowledge

AD/AM Unsecured Passwords

Posted By: Dave Bennett April 06, 2006 0 Comments Filed Under:Oracle , Oblix Coreid , LDAP

Have you ever needed to bulk load AD/AM with a bunch of LDIF users for testing or conversion purposes, but been frustrated by its inability to allow password changes over an unsecured port?

Well this is can be easily remedied using the dsmgmt tool that is installed with AD/AM. The tool is located in c:\WINDOWS\ADAM. Here is an example of making the change to an AD/AM instance:

C:\WINDOWS\ADAM>dsmgmt
dsmgmt: ds behavior

ds behavior: Connections

server connections: connect to server localhost:389
Binding to localhost:389 ...
Connected to localhost:389 using credentials of locally logged on user.

server connections: quit

ds behavior: Allow passwd op on unsecured connection
Successfully modified DS Behavior to reset password over unsecured network.

Now entries can be added to the directory with clear text passwords. The setting can be just as easily reversed after the changes are made.

NOTE: making this change will not permit the COREid identity system to change passwords in AD/AM over an unsecured port. I am not sure why, but something in the application prevents it even though the AD/AM instance is configured to allow it.

Disclaimer: This information is provided "AS IS" without warranty of any kind, either expressed or implied. The entire risk as to the quality and performance of the information is with you.
Post a Comment:




rss   Sign up for our RSS feed

Recent Posts
Categories
Nulli , Event , HI , eRecruit , PeopleSoft HCM , PeopleTools , IM , Access Management , Oracle , Enterprise Manager , OAM 10g , OAM 11g , Oblix Coreid , OIA 11g , OID 10g , OID 11g , OVD 10g , OVD 11g , OSSO , Waveset/Sun IDM , Certs , ForgeRock , OpenICF , OpenIDM , OpenAm , OpenDJ , LDAP , LDIF , IWA , NWA , App Server
Yearly Archives