Hi All,
I have an requirement to add the below 2 attributes when new AD account is provisioned in ISC.
- Password Never Expires
- Smartcard is required for interactive logon
Any idea how to set this…
Thanks,
Shantha Kumar
Hi Shantha,
For Password Never expires - Check the userAccountControl values in the below table
For Smart card - there is a attribute in AD for SmartcardLogonRequired. Check if we can set it from connector.
if we cant set from connector - we need to execute powershell script :-
Set-ADUser -Identity user.name -SmartcardLogonRequired $true
Regards
Arjun
i have set the userAccountControl as 328192 and it was set the value as expected. But when i run the aggregation the account got deleted and i can see the below error:
Hi Shantha,
This looks like a error where sailpoint is trying to create the account but it is already created. Are you seeing this for other accounts as well?
Regards
Arjun
@arjun_sengupta Yes it was causing other accounts also, it is because we have used filters to aggregate the account. So some users are not matched the filters so i am receiving the error. It got resolved after i have changed the filters.
Thanks for the input for the userAccountControl, i was able to set the flag by populating the value as 328192.
1 Like
This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.