Quote Originally Posted by geoffc View Post
On 2/20/2018 4:24 PM, dgersic wrote:
>
> geoffc;2475827 Wrote:
>> this post helpful and are logged into the web interface,
>>>> show your appreciation and click on the star below.
>>>>
>>>> If you want to send me a private message, please let me know in the
>>>> forum as I do not use the web interface often.
>>>
>>> Yes, publisher channel stuff. Go to the driver properties, GCVs,
>>> "password sync" tab. There is an option there for "publish to NDS
>>> password". It even says "managed on the password sync page". It is,
>>> demonstrably, not managed there. At least not any more. The GCV is

>> used
>>> by the various publisher rules to decide what to do. With it set to
>>> "true", you end up with both nspmDistributionPassword and password in
>>> the eventual document on the publisher.

>>
>> You know, I wonder if this is an eDir to eDir setting value? I.e. Sync
>> the RSA Private/Public key values instead of the password?
>>
>> Hmm, just tried it. It looks like they forgot about Password Tunneling
>> mode!!
>>
>> When you turn off/on sync to DP option in the Password Management GUI
>> it
>> swaps the sync to DP/sync to NDS pair where they are opposites.

>
> Ah. Now that's interesting, and something I hadn't thought to try,
> because it wasn't what I was trying to do.
>
> I started with a REST driver that had both UP and NDS set to True in the
> GCVs. I wanted to turn off NDS. Can't do it. But the password config
> page is trying to manage these for you, and doesn't seem to understand
> what to do if the values aren't what they expected (True/False or
> False/True). I got around it initially by just editing the GCV page
> myself.
>
> IMHO, the "password sync" page needs to go away. But at least now I'm
> not wondering why I can't set this one from there.


If you are not using the Command Transform (either channel) packaged
policies these GCV's have no meaning.

I.e. They are ONLY used by the policies in the Sub/Pub CTP.

So ditch the Password sync package entirely, it is not helping you at all.
I'm using the packaged password sync policies...