Friday, April 20, 2007

TIM AD Password Sync Plug-in

If your considering using the PwdSync plug-in to sync passwords from AD into TIM there are a few things you need to consider. For one thing this is an all of nothing option. All accounts that ITIM manages will be included when you use the AD Password Sync plug-in. So it is important that there are no systems being managed by ITIM which more restrictive password policies than your AD password policy. Otherwise users in AD will set their password to something that passes the AD checks and fails when ITIM tries to sync that password to other systems. The problem is that the user will not know about the failure which will cause more help desk calls.

Also, an important point is that SSL is required for this to work. You will need to export a cert from your TIM server and import it into the PwdSync plug-in. My downloads page contains a detailed document that I typed up with screen shots explaining a but more about these issues that I found not very clear in the install guide. Feel free to check it out. Hopefully it will help to save someone some time.

Downloads {Link}

2 comments:

Anonymous said...

Charles,
I have issues getting AD password sync plug-in to work. Does it matter if the OS is 64 bit win2003? Or is there a seperate version of the plug-in for 64bit?
Thanks in advance.

FAli said...

AD pwdsync plugin not leting me change password through ctrl+alt+del change password. giving error regarding requirements. i am able to change password through Active directory users and computers.

please help