Hi Benoit, All you need it there: http://lsc-project.org/wiki/documentation/latest/configuration/syncoptions/security
Regards, Sebastien BAHLOUL 2017-01-26 8:36 GMT-08:00 ROSELIER Benoit <[email protected]>: > Hi Sébastien, > > > > Thanks for reply > > > > I can’t store password in clear text due to corporate strategy and i’m > interesting to use two-way encryption, but i don’t know how to do ? > > > > Regards, > > > > > > *De :* [email protected] [mailto:lsc-users-bounces@ > lists.lsc-project.org] *De la part de* Sébastien Bahloul > *Envoyé :* jeudi 26 janvier 2017 17:07 > *À :* lsc-users <[email protected]> > *Objet :* Re: [lsc-users] Need help to sync Password > > > > HI Benoit, > > > > In short you need the password in clear text to synchronize it to AD: > > > > From: http://lsc-project.org/wiki/documentation/howto/activedirectory, > the approach you would probably interested in : > > > > Store passwords in your source repository, either in clear text or in a > two-way encryption scheme (LSC includes tools to encrypt and decrypt such > an algorithm: see here > <http://lsc-project.org/wiki/documentation/latest/configuration/syncoptions/security>), > then use LSC's AD tool-class > <http://lsc-project.org/javadoc/latest/org/lsc/utils/directory/AD.html#getUnicodePwd(java.lang.String)> > to > update the password in AD. here > <http://lsc-project.org/wiki/documentation/latest/configuration/syncoptions/activedirectory> > an > example how to do this. > > > > Regards, > > > Sebastien BAHLOUL > > > > 2017-01-26 3:10 GMT-08:00 ROSELIER Benoit <[email protected]>: > > Hello, > > > > I use LSC to synchronize an active directory from an openldap. > > > > I am perfectly able to synchronize my users and my groups but I block on > the synchronization of the passwords. > > > > My passwords are hash in ssha in my OpenLdap, and I do not know how to > retrieve them to pass them to Active directory. > > > > PS: My users use self-service password to change their password. I do not > know if I can use it to indicate two destinations for changing the password > (openldap and Active directory). > > > > Thanks for any suggestion. > > > > Regards > > > > > > > _______________________________________________________________ > Ldap Synchronization Connector (LSC) - http://lsc-project.org > > lsc-users mailing list > [email protected] > http://lists.lsc-project.org/listinfo/lsc-users > > > > _______________________________________________________________ > Ldap Synchronization Connector (LSC) - http://lsc-project.org > > lsc-users mailing list > [email protected] > http://lists.lsc-project.org/listinfo/lsc-users >
_______________________________________________________________ Ldap Synchronization Connector (LSC) - http://lsc-project.org lsc-users mailing list [email protected] http://lists.lsc-project.org/listinfo/lsc-users
