> > Ok thanks. However I can't seem to subscribe the User to a new > > Resource even by specifying the password - I guess it is complaining > > that the new password is the same as the old one. So there is no way > > to propagate an existing User to a remote resource without also > > changing the password, is this correct? > > Hi Colm, > the default password history is specified by the global password policy. > You could change it to permit password change with the same password. > > BTW, I would implement a simple improvement related to your issue. > I do think that in case of new resource subscription (explicitly or > implicitly), > password should be mandatory if and only a mapping for internal attribute > "Password" exists for that resource. > > If the new subscribed resource doesn't require password value, then a new > password specification shouldn't be required. > WDYT? >
+1 I think this is an excellent idea! Passwords should only be mandatory, if they should be synchronized. Best regards. Jan