OIM Active Directory Connector - Patch to Enforce "Password History" functionality from Target System
(Doc ID 2758860.1)
Last updated on MARCH 11, 2021
Applies to:Identity Manager Connector - Version 18.104.22.168.0 and later
Information in this document applies to any platform.
Active Director target is set up with "Enforce Password History" password policy where in specific number of used passwords cannot be reused.
OIM AD connector 22.214.171.124.0 is set up with this target and while end users change password for account provisioned, password history check is not being honored as in the the old passwords are still being propagated to target from OIM through the connector.
Steps that will show this issue :
1. Set up OIM AD Connector with target .
2. Provision the account to an end user.
3. Verify "Enforce Password History" password policy is set up on target.
4. Change password for the end user account and reuse one of the old passwords itself.
5. Observe it is accepted by OIM and sent to the target without any password history check.
6. Enable "IsPasswordHistoryCheckEnabled" configuration and set to True,still the same issue is seen.
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document