Hi is there a way to have a rule run after a password is updated in ISC for AD and LDAP sources? Would a powershell after modify rule work?
For Active Directory connector, you can run an afterModify PowerShell rule. You would have to be able to validate that the password was the element changed so that the rule doesn’t run with every modification. From there you could check your LDAP directory and make what ever updates you need as the LDAP connector does not support afterModify rules.
So is there no way for a rule to run after the LDAP password was changed.
Our client has a use case that involves user either have both an AD and LDAP account or just an LDAP account.
That means we need a rule that runs specifically after the LDAPs password was changed.
I am not sure of your use case: but if you needed to do something in addition to setting the password, you might be able to use a before provisioning rule. I am thinking of this example:
During the process of logging in to change their password, a user must go through a security awareness briefing. The password change is at the end of the briefing. The system knows that the user must do the security awareness because they are in a specific group. After the password is changed, they need to be removed from the group, so that they are not always getting prompted.
You could write a before provisioning rule that would determine if the change being processed was a password change. If it was password change, add the group removal to the provisioning plan.
Would something like that work?
This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.