5.10 Managing Password Synchronization

5.10.1 Setting the Flow of Passwords Across Systems

To view how your systems are set up to accept or publish passwords:

  1. In iManager, select Passwords > Password Synchronization.

  2. Search for drivers for the connected systems.

List of connected systems showing whether passwords are allowed to flow on publisher and subscriber channels

The search results show the settings for password flow to and from Identity Manager and the connected systems.

List of connected systems showing whether passwords are allowed to flow on publisher and subscriber channels

To make changes to these settings, click a connected system driver name.

Interface for setting password flow for individual driver

On the Modify Driver page, you can set whether password policy is enforced for passwords coming in to Identity Manager, and whether a password policy is enforced on the connected system by resetting the connected system password.

The settings on this page are global configuration values (GCVs), which are stored per server. See Section 5.3.3, Controlling Password Synchronization by Using Global Configuration Values.

5.10.2 Enforcing Password Policies on Connected Systems

If you are using Advanced Password Rules and are using Identity Manager Password Synchronization, we recommend that you do the following:

  1. Research the password policies for all the connected systems.

  2. Make sure that the Advanced Password Rules are compatible with password policies on the connected systems.

5.10.3 Keeping the eDirectory Password Separate from the Synchronized Password

This scenario is described in Section 5.8.5, Scenario 4: Tunneling—Synchronizing Connected Systems but not an Identity Vault, with Identity Manager Updating the Distribution Password.