Dear all,

I am still new to idm. I've spend couple months to study and tried to
build a lab to sync bi-directional between ad and mssql db.
Recently the goal was almost approached. Users on both AD and mssql
table users are in sync.
But there is something wrong, I think the problem maybe is password

When I create an user on AD, IDM data.users container shows the new one
created. And in mssql table, a row data is also created.
When I create an user from mssql table, IDM data.users container shows
the one created, but ... there is NO user created in AD !!
But after I tried to set a password for the user on IDM, then the user
shows up in AD.

The thing is I do publish nspmDistributedPassword attribute value from
mssql to IDM, and also the user is able to login with that password.

I followed the document to do password sync between AD. (Install filter,
create password policy, use on data.users container (partitioned)
But it seems not working.

Another curious thing is that if I don't set a password for the user on
IDM, I change publication startup option to " resync all object" on
mssql driver, and restart it, the user could be created on AD

Still thinking..
Any advice ??
Thanks a lot for reading this.

andy_ho's Profile:
View this thread: