Example: Users change their password on a Windows workstation
Some organizations require users to change their Active Directory passwords on a regular basis. Often users do this from the login prompt on their desktop. Transparent password synchronization can be set up to allow users to continue changing their passwords using the same, familiar method.
Requirements
This demonstration assumes that:
Bravura Security Fabric and Connector Pack are installed.
An Active Directory target system is added as a source of profiles.
A Linux target system is also added as a source of profiles.
A user has an account on both target systems.
The user is working on a Windows workstation that has been added to the domain.
Method
For demonstration, a user named adam0000 with an AD account and a Linux account will be used on a workstation that is connected to the AD network. The IP of the Linux server is 10.0.23.77.
Log into the Windows workstation as adam0000.
Press Ctrl+Alt+Del and choose Change a password.
Enter the current password for adam0000.
Enter the new password and confirm in the appropriate places.
Click the arrow to complete the process and confirm that the password change was successful.
Check the instance logs to verify that the password change was detected. Something similar to the following log examples should be present on a successful password change:
2021-02-02 13:41:20.331.2337 - [] idpm.exe [1800,5888] Info: Sending reply: code=[200], message=[Strength check success]
2021-02-02 13:41:21.097.4324 - [] idpm.exe [1800,5888] Info: Sending reply: code=[200], message=[Request queued]
2021-02-02 13:41:25.937.4569 - [] agtssh.exe [2172,2240] Info: line 403: Password for account [adam0000] has been changed.
2021-02-02 13:41:26.142.1307 - [] agtssh.exe [2172,2240] Info: [verifyreset] succeeded
Log adam0000 into the Linux server.
The user will be prompted for adam0000’s password. Enter in the new password.
If the new password was accepted, the password change was successfully propagated and adam0000 will now be logged in.