MIM: Password sync to cloud application?

    Question

  • "Utilizes the password change notification service (PCNS) to capture password changes from Active Directory and propagate them to other connected data sources" from the Microsoft website (https://docs.microsoft.com/en-us/microsoft-identity-manager/infrastructure/mim2016-password-management#password-synchronization)

    My question: What do they mean by "connected data source"? Do they mean the password sync is only done to the on-premise applications, or can it also be done to the cloud applications?


    Cheers, Manon.

    Friday, May 18, 2018 5:19 AM

All replies

  • The "connected data source" is the data source that a given management agent is connected to.

    PCNS is for AD. It intercepts the password set from a domain controller and does something with it. In the case of the PCNS agent that is installed on domain controllers, it encrypts the password to a key (created/added at agent setup) and sends it to a central service (specified at agent setup, the MIM sync service). I'm not sure if the interface specification is publicly available, but I don't see why another installable agent couldn't be used for a different service as long as it sent the same data to the same endpoint. It would also require a management agent for the cloud application that is both aware of password change notification and is programmed with however the cloud service accepts password changes.

    Saturday, June 2, 2018 3:10 PM