Password Filter automatically updates the LDAP Password stored inside Advanced Authentication, whenever the password is changed or reset in the Active Directory. This helps you to authenticate without getting any prompt to synchronize the password after it is changed or reset.
Perform the following steps to configure Password Filter:
Install the Advanced Authentication Logon Filter component on all Domain Controllers.
Enable Password Filter for AD through the Advanced Authentication - Administrative Portal: Policies section > Password Filter for AD.
Set Update password on change option to ON, to enable updating of the LDAP password in Advanced Authentication, when it is changed in the Active Directory. This helps you authenticate without getting any prompt to sync the password after it is changed. If Update password on change is set to OFF, user will get a request to synchronize the password while logging in to Windows, if he/she changed his/her password where the user will need to enter an actual password.
Set Update password on reset option to ON, to enable updating of the LDAP password in Advanced Authentication, when it is reset in the Active Directory. This helps you to authenticate without getting any prompt to sync the password it is reset. If Update password on reset is set to OFF, user will get a request to synchronize the password while logging in to Windows, if administrator has reset the user's password where the user will need to enter an actual password.
NOTE:Endpoint for Password Filter should be trusted. To set this option, open the Advanced Authentication - Administrative Portal > Endpoints section, edit an endpoint of the Password Filter, set Is trusted flag to ON and add a description. Save the changes.