I have set up IDM 201 to connect to Edir Systems and one AD system. I have
set up Universal Password policies in tree A and tree B, I have NMAS running
on my Desktop clients in tree A , and below is a sample of a PWD diag output
when checking tree A to see if the Uni Pwd is set. My problem is that when I
synch a user a across the three systems, from A to B and from B to AD the
driver doestn pick up the Uni PWD from the user object in tree A and so its
sets Tree B and AD to the users last name. I understand this is default
behaviour but why is it not picking up the universal password if it shows
set as below. Also, if the user changes thier password or it is changed
adminsitrativley it is synched without issue.
Object DN: cn=userA,ou=SUPPORT,ou=CONTAINER,o=OU
Password Status: Enabled, Set, UP != Simple
Simple Password Status: Not set
Password Policy DN: cn=CONTAINER,cn=Password Policies,cn=Security
What I am trying to acheive is synching 800 users and not having to force a
company wide pw change. is this by default, as all the documentaiton clearly
states that with universal password enabled on the target containers,
parititions and /or login policy object will capture the users password from
NMAS on the client side and set universal password which is then able to be
synched across as the distribution password.
Hope its somthing simple...