Password Synchronization with 389 Directory Server
ADSelfService Plus can automatically keep the users' 389 Directory Server password in sync with their Active Directory (AD) passwords, in real time. The synchronization works for the following operations:
-
Password reset
-
Password change
-
Account unlock
Important : Install the Password Sync Agent to synchronize native password changes and resets.
Whether the operation was performed through the self-service portal, or natively using ADUC or Windows login screen (Ctrl+Alt+Del), ADSelfService Plus is capable of synchronizing the changes with 389 Directory Server.
Configuration steps
To enable passoword synchronization between AD and 389 Directory Server, follow the steps given below:
-
Log into ADSelfService Plus admin console with admin credentials.
-
Navigate to Configuration → Self-Service → Password Sync/ Single Sign On.
-
Select the 389 Directory Server application.
Note:
You can also find 389 Directory Server application that you need from the search bar located in the left pane or the alphabet wise navigation option in the right pane.
-
Enter the Application Name and Description.
-
In the Assign Policies field, select the policies for which passoword sync need to be enabled.
Note:ADSelfService Plus allows you to create OU and group-based policies for your AD domains. To create a policy, go to Configuration → Self-Service → Policy Configuration → Add New Policy.
-
Select Enable Password Sync.
-
Enter the System Name / IP Address.
-
Enter the Domain Name (E.g.: dc=example,dc=com) of the 389 Directory Server.
-
Enter the User Name (E.g.: cn=test user,OU=groups,dc=example,dc=com) and Password of an account that is a member of the Directory Administrator group.
-
Enter the Port Number of the 389 Directory Server.
-
Put a check against the Enable LDAP SSL box to secure the connection between ADSelfService Plus and the 389 Directory Server.
-
Click Add Application.