Confirm on the Synchronization User Password Configuration

Target

For customers who wish to synchronize user information and password information from Windows Server Active Directory onto HENNGE Access Control in the cloud.

Purpose

To confirm that the users' password on the Active Directory has been saved correctly via the hashed password value stored in the UnixUserPassword attribute. The confirmation can be done via the script provided by HENNGE following the procedure below.

Caution

This article was last updated on 2019 March.

Procedures

HENNGE Access Control will be able to synchronize the hashed password stored in the UnixUserPassword attribute to the cloud. If the UnixUserPassword attribute is empty, the password will not be synchronized onto the HENNGE Access Control and the user will not be able to login successfully.

Prerequisite Confirmation

Please execute the following procedure with a user in the Domain of permissions either of [ Domain Admins ] or [ Enterprise Admins ].

Confirmation

1. Prepare the client machine that has Security Group Batch prepared and login to the machine and make sure that the instructions outlined in the following article has already been performed.

Execution of Assign-HDEOnePasswrdSyncGroup.bat

2. Open the PowerShell with Admin permissions

3. Execute the following command

> cd <[HDEOne] フォルダーのパス>
> .\Check-SyncUser.ps1

For Example: 

> cd C:\work\HDEOne
> .\Check-SyncUser.ps1 

4. Confirm the Execution Result

================
unixUserPassword set
================
[sAMAccountName],[UserPrincipalName],[mail]
ttsstt,,aaa@bbb.com      ← Active Directory のパスワード変更済みユーザー一覧

================
unixUserPassword unset
================
[sAMAccountName],[UserPrincipalName],[mail]
test,test@sample.jp       ← Active Directory のパスワード未変更ユーザー一覧

unixUserPassword set user: 1   ← Active Directory のパスワード更済みユーザー数
unixUserPassword unset user: 1  ← Active Directory のパスワード未変更ユーザー数
          
Was this article helpful?

Frequently Asked Questions (FAQs)