4.0 Configuring Password Filter
Password Filter automatically updates the LDAP Password stored inside Advanced Authentication, whenever the password is changed or reset in the Active Directory. This helps you to authenticate without getting any prompt to synchronize the password after it is changed or reset.
The Figure 4-1 illustrates the situation when you do not use the Password Filter.
Figure 4-1
The Figure 4-2 illustrates the situation when you use the Password Filter.
Figure 4-2
Perform the following steps to configure the Password Filter:
-
Install the Advanced Authentication Logon Filter component on all Domain Controllers.
-
Open Advanced Authentication Administrative portal.
-
Goto to .
-
Edit endpoints for all the Domain Controllers one-by-one and set option to Add a Description to save the changes.
-
Enable Password Filter for AD through the Advanced Authentication Administrative Portal >
-
Set to , to enable updating of the LDAP password in Advanced Authentication, when the password is changed in the Active Directory. This helps you to authenticate without getting any prompt to sync the password after it is changed. If is set to , user will get a request to synchronize the password while logging in to Windows, if the user has changed the password where the user will need to enter an actual password.
-
Set option to , to enable automatic update of the LDAP password in Advanced Authentication, when it is reset in the Active Directory. This helps you to authenticate without getting any prompt to sync the password if it is reset. If is set to , user will get a request to synchronize the password while logging in to Windows, if the administrator has reset the user's password where the user will need to enter an actual password.
NOTE:Endpoint for Password Filter should be trusted. To set this option, open the Advanced Authentication Administrative Portal > , edit an endpoint of the Password Filter, set flag to . Save the changes.