2 Replies Latest reply: Sep 20, 2012 7:55 AM by Bobm53-Oracle RSS

    How to assign different passwords for different resource accounts

    piaggio100
      Hi everyone,
      We have a situation where we have users with two resource accounts. They have different passwords with different lengths.We are using Flat file active Sync adapter to create users in both resources and there we are setting passwor.password field. But we need to set different passwords to every resource account and it is obviosly it can not be done with password.password field. We tried e password view before provisioning where we chekout the user and set the follwing parameters:

      <set name='userview.resourceAccounts.selectAll'>
      <s>false</s>
      </set>
      <set name='userview.resourceAccounts.currentResourceAccounts[RES1].selected'>
      <s>true</s>
      </set>
      <set name='userview.resourceAccounts.password'>
      <ref>accountId</ref>
      </set>
      <set name='userview.resourceAccounts.confirmPassword'>
      <ref>accountId</ref>
      </set>

      But it did not worked. So is there a way to set different passwords to different accounts in SUN IDM?

      Oh and forgot to mention we are using Sun Idm 8.1 patch 9.

      Best regards.
        • 1. Re: How to assign different passwords for different resource accounts
          piaggio100
          I actually managed to change the required password but i copied this in Provision externeal Resources.

          <Action id='1' name='Check out password view' application='com.waveset.session.WorkflowServices'>
          <Argument name='op' value='checkoutView'/>
          <Argument name='type' value='Password'/>
          <Argument name='id' value='$(accountId)'/>
          <Argument name='authorized' value='true'/>
          <Argument name='subject' value='Configurator'/>
          <Argument name='TargetResources'>
          <List>
          <String>RES1</String>
          </List>
          </Argument>
          <Return from='view' to='userview'/>
          </Action>
          <Action id='2' name='reset password'>
          <expression>
          <block name='reset password' trace='true'>

          <set name='userview.resourceAccounts.selectAll'>
          <s>false</s>
          </set>
          <set name='userview.resourceAccounts.currentResourceAccounts[RES1].selected'>
          <s>true</s>
          </set>
          <set name='userview.resourceAccounts.password'>
          <ref>accountId</ref>
          </set>
          <set name='userview.resourceAccounts.confirmPassword'>
          <ref>accountId</ref>
          </set>
          </block>
          </expression>
          </Action>
          <Action id='3' name='check in password view' application='com.waveset.session.WorkflowServices'>
          <Argument name='op' value='checkinView'/>
          <Argument name='view' value='$(userview)'/>
          <Argument name='authorized' value='true'/>
          <Argument name='subject' value='Configurator'/>
          </Action>
          • 2. Re: How to assign different passwords for different resource accounts
            Bobm53-Oracle
            Hi,
            did you find a way to assign different passwords to each account?
            AFAIK IDM maintains in its db just one password (encoded) for each user. And it can reassign it to all resource accounts during user updates. So even if you find a way to set different passwords, the user view has one and you can miss the others during subsequent updates.