FIM 2010 R2 Web Services Connector Password change usage

  • Question

  • Hello!

    I am working on a project using the FIM Connector for Web Services (https://www.microsoft.com/en-us/download/details.aspx?id=29944), and there is something I'd like to know:

    The Connector for Web Services includes functionality for changing and setting a Password, and as far as I know, most implementations involve synchronizing AD with SAP or similar products, and using PCNS to notify password changes to FIM, which are then handled by the MA (the connector for webservices).

    What if, instead of having AD as a source of authority with PCNS, we have a database with user data? How could we notify the Connector for Web Services that the password was changed for a database user, so it can be processed and updated on the target system?

    Wednesday, May 27, 2015 5:44 PM

Answers

  • For that you need to write a custom DLL. Nothing out of the box will do it for you.

    Nosh Mernacaj, Identity Management Specialist

    • Proposed as answer by Nosh Mernacaj Thursday, May 28, 2015 6:37 PM
    • Marked as answer by Amarquez81 Tuesday, June 16, 2015 1:48 PM
    Thursday, May 28, 2015 1:56 PM

All replies

  • AD does not have to be authoritative. You can get the password from other sources and pass it to AD. It is configurable in the MA UI.


    Nosh Mernacaj, Identity Management Specialist

    Wednesday, May 27, 2015 6:54 PM
  • Unfortunately, we are not synchronizing AD. We have a Web Service "A" connected to a DB, and another Web service "B" connected to another DB, and we synchronize data from the "A" web service to "B". 

    The final intention is: when the password field is updated on "A", how could we notify FIM in order to synchronize it with "B"?

    Obviously, this needs to happen as soon as the pw is changed in "A", so the user can log in to "B" with the new password (some delays are acceptable).

    Everything happens through the webServices because the client wishes to avoid giving direct access to the databases to client apps. Therefore, everything must use the web services, including FIM.

    Thursday, May 28, 2015 1:52 PM