Skip to main content

testidpm

Use the testidpm program to test Bravura Security Fabric interceptors, API functions, and CGI programs such as PSA, that send requests to the Password Manager service (idpm ).

Usage

Run testidpm with the following arguments:

testidpm [-host <host>] [-port <port>] [-targetid <targeted>] [-account <account>] [-userid <userid>] [-pass <password>] <-option> "<argument>" [<argument 2>] ...

Argument

Description

-account <account>

The account/longID on <TARGETID>.

-block

Adds a blocking record and deletes all old requests in queue for the specified user.

-both

Used with "-strength" and "-reset". Sends strength first, and if OK, sends reset.

-cgiresetqueued

Resets an account’s password asynchronously.

-cgiresetsynch

Resets an account’s password synchronously. This is a cgi service function. You must specify the account to reset. The caller uses shared memory, and gets a reply only after the connector run is finished.

Calls made for an interceptor use the -reset argument.

-cgiunlocksynch

Unlocks a locked-out account synchronously.

-cgiverifysynch

Verify an account’s password synchronously.

-checknchange

Checks the password against strength rules. If passed, it resets/synchronizes a user’s password.

-finduser

Finds a Bravura Security Fabric user based on targetID and account.

-host <host>

Host where idpm is running.

-pass <password>

Password for the user.

-port <port>

TCP port on which idpm is listening.

-pwrules

Displays the password policy, either default, or for a specified account.

-reset

Resets/synchronizes a user’s password. This is for an interceptor operation, coming in through socket, and all accounts in the same target system group of the trigger account can be reset, depending on the target system group setting.

Calls made for a cgi program use the -cgiresetsynch argument.

-sessionid <sessionid>

A GUID produced by the caller of Password Manager service (idpm ) cgi functions, such as pss, psk or ida, to identify a round of requests on one or more accounts. Requests with the same sessionid are considered to be in the same group for running GROUP_SUCCESS/FAILURE external interface triggers (exit traps).

-strength

Checks the password against strength rules.

-targetid <targetid>

Target ID for the specified account.

-threads <threads>

Number of threads to send concurrent requests.

-timeout <timeout>

Socket connection timeout value in seconds.

Note: The default value is 60 seconds, however the Windows System default for connect timeout is 21 seconds maximum.

If not specified, the timeout value defaults to 60 seconds.

-userid <userid>

UserID for the user.

Examples

  1. To test the ability of Password Manager service to check a password against Bravura Pass strength rules (assuming you are on the Bravura Pass server):

    testidpm.exe -host localhost -port 3333 -account acct1 -pass mypass1234 -targetid w2kserver -strength

  2. To test resetting a user’s password through Password Manager service:

    testidpm.exe -host localhost -port 3333 -account acct1 -pass mypass1234 -targetid w2kserver -reset

  3. To print the Bravura Pass password rules retrieved by idpm :

    testidpm.exe -host MyPasswordManager -port 3334 -pwrules -timeout 90

  4. To check if a Bravura Pass ID exists:

    testidpm.exe -host localhost -port 3333 -finduser -user user1

  5. To check if a user has an account on a target system:

    testidpm.exe -host localhost -port 3333 -targetid win2kserver -finduser -user user1
In this section: