Password interceptor timeout error

Which IIQ version are you inquiring about?

Version 8.4

Share all details related to your problem, including any error messages you may have received.

Hello Experts,

We are working on a Password Interceptor issue.

We have a timeout issue during the response from IIQ to the Password Interceptor. I have tested a few scenarios: when we have one identity with 3-4 application links, the Password Interceptor gets a “Success” response from IIQ, but when we have one identity with more than 10-15 application links, we get a timeout error.

We have seen that with few links, we get the “Success” response in 15 seconds in the Password Interceptor logs, but if we have more application links, then it shows a timeout error.

Currently we are using the default timeout. If we change it to 120, then all the scenarios work fine.

Can you please help me understand whether IIQ sends the response to the Password Interceptor immediately, or whether it sends the response after the whole workflow has executed and the password is updated?

Thanks

Hi @niket345,

I found this on the PWI documentation page:

IdentityIQ processes password synchronization requests in a serial fashion. Once an IdentityIQ application server receives a message from the Password Interceptor informing it of a password change, IdentityIQ will immediately attempt to provision the password change out to all of the user’s accounts that have password synchronization enabled. Using the out-of-the-box behavior, IdentityIQ will synchronize the passwords to the accounts one at a time, one after another iterating through all of the user’s accounts and finally sending out a confirmation/notification email at the end of all of the processing.

Any sluggish processing, network timeout, systems being offline, or other common “hiccups” can delay this step of the process significantly. For users with a large number of accounts correlated to their Identity cube or for installations of IdentityIQ integrated with systems where password provisioning changes can take a long time, this can cause delays in the password synchronization process. These delays prevent the sending of the confirmation email, which is sent at the end of password synchronization processing.

Installations experiencing these delays in notification and confirmation email processing can consider customizing their Password Intercept workflow to handle provisioning the password changes out to various in parallel or by moving the notification/email step up earlier in the workflow process. Such a customization is usually carried out by your systems integrator or by SailPoint’s Professional Services teams.

and this is the page link:
https://community.sailpoint.com/t5/Shared-Documents/Password-Interceptor-for-Microsoft-Active-Directory-Version-24-0/ta-p/248166

But yes, IIQ sends the confirmation at the end of the whole process, and SP suggests changing the WF and moving the notification to an earlier step.

2 Likes

Is there any way to change the password change from serial fashion to parallel fashion, as we don't see any variable or argument inside the Password Interceptor workflow?

Thanks

Hi,
there is this step:
[image]

where you can create a list of applications. I think you can create a list in the order you want.

1 Like

This step lets you update the password in the target applications, but is it the same step where we can update the password in parallel mode instead of serial?

Do we need to add some configuration to update the password instead of serial mode?

We have written code to update the targets, but we are not sure how to update the passwords in parallel instead of one by one.

Thanks

In this case, either you use Java threads (but I don't know the impact):
https://docs.oracle.com/javase/8/docs/api/java/lang/Thread.html

or you try to configure PwdClient.exe.config, but I can't find any reference on how to configure a parallel mode. I think the guide is not clear about this.

2 Likes
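The difference between the serial behaviour quoted from the documentation and a bounded parallel fan-out, as an added example that is not part of the thread and is not SailPoint code. It uses no IdentityIQ API: `provision` is a hypothetical stand-in that only sleeps, and the application names, per-application latency and deadline are constructed, scaled-down values.

```java
import java.util.*;
import java.util.concurrent.*;

public class ParallelPasswordSync {
    // Hypothetical stand-in for one connector call; sleeps to simulate target latency.
    static String provision(String app, long millis) throws InterruptedException {
        Thread.sleep(millis);
        return app + ": Success";
    }

    // Serial fan-out: total time is the sum of the per-application latencies.
    static long serial(List<String> apps, long millis) throws InterruptedException {
        long start = System.nanoTime();
        for (String app : apps) provision(app, millis);
        return TimeUnit.NANOSECONDS.toMillis(System.nanoTime() - start);
    }

    // Bounded parallel fan-out; invokeAll cancels tasks still running at the deadline.
    // Returns the applications that did not complete successfully in time.
    static List<String> parallel(List<String> apps, long millis, int threads, long deadlineMs)
            throws InterruptedException {
        ExecutorService pool = Executors.newFixedThreadPool(threads);
        try {
            List<Callable<String>> tasks = new ArrayList<>();
            for (String app : apps) tasks.add(() -> provision(app, millis));
            List<Future<String>> results = pool.invokeAll(tasks, deadlineMs, TimeUnit.MILLISECONDS);
            List<String> failed = new ArrayList<>();
            for (int i = 0; i < results.size(); i++) {
                try {
                    results.get(i).get();
                } catch (CancellationException | ExecutionException e) {
                    failed.add(apps.get(i)); // keep for retry and alerting, never drop silently
                }
            }
            return failed;
        } finally {
            pool.shutdownNow();
        }
    }

    public static void main(String[] args) throws Exception {
        List<String> apps = new ArrayList<>();
        for (int i = 1; i <= 15; i++) apps.add("App" + i); // constructed sample: 15 links
        long perApp = 200, deadline = 1000; // constructed timings in milliseconds
        System.out.println("serial ms: " + serial(apps, perApp));
        long start = System.nanoTime();
        List<String> failed = parallel(apps, perApp, 5, deadline);
        long elapsed = TimeUnit.NANOSECONDS.toMillis(System.nanoTime() - start);
        System.out.println("parallel ms: " + elapsed + ", not completed: " + failed);
    }
}
```

The fixed pool size caps how many targets are hit at once, and the returned list is what a real workflow would need to retry or report, since an account left on the old password is the failure mode that matters here.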
