<credentials>
<password>
<outbound>
<expression>
<asIs/>
</expression>
</outbound>
<inbound>
<strength>weak</strength>
<expression>
<generate/>
</expression>
</inbound>
</password>
</credentials>Credentials Handling
Credentials (password and password-related information) handling is a special part of Schema Handling and allows you to define how user’s credentials will be synchronized. The credentials can be synchronized from midPoint user to resource account (outbound), the opposite way (inbound), or both. You can also specify that the password should be generated - this is very useful for synchronizing resource accounts to midPoint to make sure that the password will be set even if the resource account password can’t be used (e.g. is encrypted).
The following is an example of credentials configuration from OpenDJ advanced sync sample:
-
the password from midPoint user is synchronized to resource account (outbound) as is
-
the password for midPoint user will be generated when synchronizing from the resource account (inbound), but only if the midPoint password is empty (e.g. for the very first time when you create midPoint user from the resource account). The
targetparameter is omitted, because it will be the midPoint password attribute.
Was this page helpful?
YES
NO
Thanks for your feedback