Knowledge Base

Support Policies

AD LDS - User Creation and Passwords not set

SecureAuth IdP Version affectedAll

 

Description:

When creating a new user with SecureAuth's User Creation functionality the password is not set.
 

Cause:

  • By default, an AD LDS instance automatically enforces any local or domain password policies that exist on the Windows Server. If the password to be set does not meet the local or domain complexity rules it will be rejected.
  • By default, Active Directory Lightweight Directory Services (AD LDS) will not allow a new user account password to be set over an unencrypted connection.


Resolution:

Password Complexity

Verify the password you are entering complies with the AD LDS servers complexity requirements. Further information about Windows Server Password Complexity can be found in this document Enforcing Strong Password Usage Throughout Your Organization

Unencrypted Connections

In order to allow the changing and creating of passwords for AD LDS users over an unsecured connection consider the following solutions:

 

Note: For security purposes you should never grant anonymous access privileges to any portion of your AD LDS instance.

 

Have more questions? Submit a request

0 Comments

Please sign in to leave a comment.