Retrieving Password from Get Accounts Action in Workflow

Hi all.

We would like to retrieve the value from the password attribute from the AD accounts and send to user using workflow. However, we could not find this attribute existing in the Get Accounts action JSON output. Originally, we were suspecting it being type secret in the provisioning policy and therefore not visible in the actions. However, even changing it to type string and added this attribute to the AD Account Schema, it does not seem to be visible in the JSON output as well.

Appreciate any input on this. Thank you!

This is not supported by IDN. The aggregation/Get Accounts won’t return the clear text password.

To accomplish this you may have to write a powershell script on the server that connects to AD directly and retrieves the password that can be mailed out to the user.

Understood. Thanks for the input!

You cannot retrieve the Password from AD as it is hashed. You need to re-generate the Password again. Follow the Password recommendations from SailPoint:
https://community.sailpoint.com/t5/IdentityNow-Articles/Best-Practices-for-Provisioning-with-Passwords-in-IdentityNow/ta-p/75459

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.