Configuring password synchronization for Salesforce
ADSelfService Plus' password synchronization feature captures all users' Active Directory password resets and changes, and automatically syncs them with users’ Salesforce accounts. This feature helps a great deal in reducing the amount of password-related help desk calls, as users will only have to maintain one password across multiple platforms.
- API access must be enabled for your Salesforce account.
- A custom app must be created for ADSelfService Plus in Salesforce. Follow the steps here.
Steps to configure password sync for Salesforce:
- Log in to ADSelfService Plus with administrator credentials.
- Navigate to Configuration → Self-Service → Password Sync/Single Sign On → Add New Application.
- Click Salesforce.
- Enter the Application Name, Domain Name, and Description, and choose the required policies from the drop-down.
Note: ADSelfService Plus allows you to create OU- and group-based policies for your AD domains. To create a policy, go to Configuration → Self-Service → Policy Configuration → Add New Policy.
- Select the Enable Password Sync checkbox.
- Enter the Username and Password of a Salesforce admin account.
- Enter your Security token. (See note)
- Enter the Client ID and the Client Secret of ADSelfService Plus. (See note)
- Click Add Application.
1. Steps to generate the security token:
- Log in to your Salesforce admin account.
- Navigate to <Your Login Name> (top right corner) > My Settings > Personal > Reset My Security Token.
- In the page that opens, click Reset Security Token.
- The new security token will be sent via email to the email address on your Salesforce user record.
2. Steps to get the Client ID and Client Secret:
- Log in to your Salesforce admin account.
- Follow the steps in this link to create a custom app for ADSelfService Plus.
- Navigate to Setup → Build → Create → Apps → Connected Apps and click the ADSelfService Plus app you created.
- You will now be able to see Consumer Key, which is the Client ID, and Consumer Secret, which is the Client Secret.
Testing the configuration:
To check if the password synchronization configuration has been set up correctly, follow these steps:
- Log in to ADSelfService Plus with a domain user credential.
- Navigate to the Change Password tab.
- In the Change Password page that opens up, choose your Salesforce account, from the select account drop-down list.
- Enter the old password.
- Provide a new password and confirm it.
- Click Change Password.
- Now, log in to your Salesforce account with the same new password.
If you can log into Salesforce without any issues, then the password synchronization configuration has been done correctly.
Note: By default, the AD account will be automatically linked to the Office 365 account based on the sAMAccountName attribute. In other words, a user’s sAMAccountName in AD will be mapped to their username in Office 365. ADSelfService Plus also lets you link the accounts manually based on any attribute of your choice. For more details on manual account linking, click here.
Need further assistance? Fill this form, and we'll contact you rightaway.
Free Active Directory users from attending lengthy help desk calls by allowing them to self-service their password resets/ account unlock tasks. Hassle-free password change for Active Directory users with ADSelfService Plus ‘Change Password’ console.
Get seamless one-click access to 100+ cloud applications. With enterprise single sign-on, users can access all their cloud applications with their Active Directory credentials. Thanks to ADSelfService Plus!
Intimate Active Directory users of their impending password/account expiry by mailing them these password/account expiry notifications.
Synchronize Windows Active Directory user password/account changes across multiple systems, automatically, including Office 365, G Suite, IBM iSeries and more.
Ensure strong user passwords that resist various hacking threats with ADSelfService Plus by enforcing Active Directory users to adhere to compliant passwords via displaying password complexity requirements.
Portal that lets Active Directory users update their latest information and a quick search facility to scout for information about peers by using search keys, like contact number, of the personality being searched.