We are required to configure SSPR to enforce all domain password policies, including ‘Password History’ and ‘Minimum Password Age’, without configuring an LDAP over SSL connection (without certificates) between the FIM Synchronization Service and the PDC Emulator role owner.
There is a hotfix which enables FIM SSPR to support enforcement of all domain password policies, but that requires configuration of an LDAP over SSL connection between the FIM Synchronization Service and the PDC Emulator role owner, which conflicts with design and operational requirements.
Environment details are below:
FIM 2012 R2 (build version 4.1.2273.0)
Active Directory on Windows 2008 R2