Password Synchronizer

Multi-Platform Password Synchronizer feature of ADSelfService Plus automatically synchronizes Windows Active Directory password resets/changes and account unlocks of a user account across multiple other platforms. This offers users the comfort of maintaining a single password across all systems.

ADSelfService Plus supports a wide range of cloud-based and on-premise applications for password synchronization with Windows Active Directory. The list includes:

• Google Apps

• Office 365 / Azure

• Salesforce

• Zoho

• Zendesk

• Microsoft Dynamics CRM

• IBM i/AS400 system

• HP UX Directory Server

• Oracle E-business Suite

• Oracle Database

• AD LDS

• OpenLDAP

• Active Directory

• ServiceNow

• SAP NetWeaver

• PostgreSQL

• Microsoft SQL Server

• 389 Directory Server

• Real-time Password Sync Agent

Account linking:

Password synchronization works only when the users' Active Directory (AD) accounts are linked with accounts from other providers in ADSelfService Plus. Account linking can either be automated or done manually.

How to link accounts automatically?

To link accounts automatically, you have to specify a source attribute, which is composed of one or more attributes in AD, and a target attribute from the enterprise application. When a user resets or changes the passwords, the modifications are synchronized only when the target attribute value matches the source attribute value.

Steps to link users' accounts automatically:

1. Log in to ADSelfService Plus web console as an administrator.

2. Navigate to Configuration tab → Self-Service section → Password Sync/Single Sign On.

3. Click the Account Linking button at the top-right corner of the webpage.

4. In the window that opens, Select a Provider and select a System from the respective drop-downs.

5. Select the Enable Auto Account Linking checkbox.

6. In the Source Attributes drop-down, select the attributes (one or more) from the AD domain where the users' password will be reset.

   Example: Say you want to use both ‘sAMAcountName’ and ‘Initials’ as source AD attributes. You select each of these AD attributes from the source attributes drop-down, and use the buttons near its field to add it. Make sure that the combined value of the AD source attribute (say 'JohnA' in this instance), matches the corresponding target attribute in enterprise application.

7. In the Target Attributes drop-down, select the attribute whose value will equal the combined value of the selected source attributes.

   

8. Select the Append Hostname checkbox to add the host name at the end of the combined value of the selected source attributes. That is, if the checkbox is selected, the sAMAccountName+Initials becomes, sAMAccountName+Initials@hostname.

If the value of the source attributes is empty, then sAMAccountName will be taken as the default value. If the value of the source attributes is in email format, then the hostname will not be appended even if that option is enabled.

How to link accounts manually?

Users enter the credentials of their cloud application or other server accounts with which they want to link their AD accounts in the self-service portal.