Symantec IGA


  • 1.  Technical feasibility of changing the password of an Endpoint account such as Active Directory by the DSA or a Web Service

    Posted Oct 21, 2024 06:49 PM

    Good afternoon,

    Due to the client's security policy, we have been asked about the technical feasibility of changing the password of an Endpoint account such as Active Directory through the DSA or a Web Service, in order to have a PX change this password automatically every certain period of time.
    Checking from the DSA, the account is visible but not the password:

    and publishing the task of modifying or viewing the endpoint to consume it by web service is not possible because it generates the following error:
    - Find endpoint by friendly name is not supported for object type ObjectType::ENDPOINT

    Please confirm if it is technically feasible to change the password for this endpoint account via the dsa or web service or if there is another way to do it automatically.

    Kind regards,

    Steven Avila



  • 2.  RE: Technical feasibility of changing the password of an Endpoint account such as Active Directory by the DSA or a Web Service

    Broadcom Employee
    Posted Oct 25, 2024 03:54 AM

    Hi Steven

    Yes, technically, you are able to use TEWS and update the endpoint parameters. As an example

    Make sure to include the server, administrator user as well as administrator password - not just the password itself.

    In text:

    <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wsdl="http://tews6/wsdl">
       <soapenv:Header/>
       <soapenv:Body>
          <wsdl:TaskContext>
             <wsdl:admin_id>imadmin</wsdl:admin_id>
             <wsdl:admin_password>test</wsdl:admin_password>
          </wsdl:TaskContext>
          <wsdl:ModifyActiveDirectoryEndpoint>
             <wsdl:ModifyActiveDirectoryEndpointSearch>
                <wsdl:Subject>
                   <wsdl:FriendlyName>rm-ad1-vm</wsdl:FriendlyName>
                </wsdl:Subject>
             </wsdl:ModifyActiveDirectoryEndpointSearch>
             <wsdl:ModifyActiveDirectoryEndpointActiveDirectoryEndpointEndpointTab>
                <wsdl:server>rm-ad1-vm</wsdl:server>
                <wsdl:authenticationDN>CN=Administrator,CN=Users,DC=matri02,DC=corp</wsdl:authenticationDN>
                <wsdl:authPassword>newpassword</wsdl:authPassword>
                <wsdl:_BAR_authPasswordconfirmation_BAR_>newpassword</wsdl:_BAR_authPasswordconfirmation_BAR_>
             </wsdl:ModifyActiveDirectoryEndpointActiveDirectoryEndpointEndpointTab>
          </wsdl:ModifyActiveDirectoryEndpoint>
       </soapenv:Body>
    </soapenv:Envelope>

    Hope this helps

    Regards

    Rinat
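The request from the post above, built programmatically so that a generated password containing XML metacharacters is escaped correctly and the secret fields are masked before the request is logged. This is an added example, not part of the original post and not Broadcom code; the function names and the password alphabet and length are assumptions, while the element names and namespace are taken from the request shown above.

```python
import re
import secrets
import string
import xml.etree.ElementTree as ET

SOAP = "http://schemas.xmlsoap.org/soap/envelope/"
TEWS = "http://tews6/wsdl"  # namespace as it appears in the posted request
ET.register_namespace("soapenv", SOAP)
ET.register_namespace("wsdl", TEWS)

def _el(parent, ns, name, text=None):
    node = ET.SubElement(parent, f"{{{ns}}}{name}")
    node.text = text  # ElementTree escapes &, < and > when serializing
    return node

def new_password(length=24):
    # Assumed policy: the alphabet deliberately includes XML metacharacters.
    alphabet = string.ascii_letters + string.digits + "!#$%&<>*+-=?@"
    return "".join(secrets.choice(alphabet) for _ in range(length))

def build_request(admin_id, admin_password, friendly_name, server, auth_dn, password):
    env = ET.Element(f"{{{SOAP}}}Envelope")
    _el(env, SOAP, "Header")
    body = _el(env, SOAP, "Body")
    ctx = _el(body, TEWS, "TaskContext")
    _el(ctx, TEWS, "admin_id", admin_id)
    _el(ctx, TEWS, "admin_password", admin_password)
    task = _el(body, TEWS, "ModifyActiveDirectoryEndpoint")
    search = _el(task, TEWS, "ModifyActiveDirectoryEndpointSearch")
    _el(_el(search, TEWS, "Subject"), TEWS, "FriendlyName", friendly_name)
    tab = _el(task, TEWS, "ModifyActiveDirectoryEndpointActiveDirectoryEndpointEndpointTab")
    _el(tab, TEWS, "server", server)            # server, DN and password go together
    _el(tab, TEWS, "authenticationDN", auth_dn)
    _el(tab, TEWS, "authPassword", password)
    _el(tab, TEWS, "_BAR_authPasswordconfirmation_BAR_", password)
    return ET.tostring(env, encoding="utf-8", xml_declaration=True)

_SECRET = re.compile(
    rb"(<wsdl:(admin_password|authPassword|_BAR_authPasswordconfirmation_BAR_)>).*?(</wsdl:)",
    re.S)

def redact(xml_bytes):
    """Return the request as text with all three secret fields masked, for logging."""
    return _SECRET.sub(rb"\1***\3", xml_bytes).decode("utf-8")

if __name__ == "__main__":
    req = build_request("imadmin", "test", "rm-ad1-vm", "rm-ad1-vm",
                        "CN=Administrator,CN=Users,DC=matri02,DC=corp", new_password())
    print(redact(req))  # only the redacted form is ever printed
```

The bytes returned by `build_request` are the body to POST to the TEWS URL of your environment; read the administrator password from a secret store rather than hard-coding it as the sample request does.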




  • 3.  RE: Technical feasibility of changing the password of an Endpoint account such as Active Directory by the DSA or a Web Service

    Posted Oct 25, 2024 11:31 AM

    Hi Rinat,


    Thank you very much, it worked perfectly for me. You should take into account that the task to be modified must be the endpoint-specific one (for example, ModifyActiveDirectoryEndpoint), and it must be enabled for web service consumption.


    Kind regards,


    Steven Ávila.




  • 4.  RE: Technical feasibility of changing the password of an Endpoint account such as Active Directory by the DSA or a Web Service

    Broadcom Employee
    Posted Oct 25, 2024 11:45 AM

    Hi Steven

    Glad to hear the example worked for you, once adjusted with the specific parameters etc.

    The specific example was for Active Directory Endpoint modification; for any other endpoint type, the appropriate task should be used.

    Indeed, as with every TEWS call, the target task should be enabled for Web Services. 

    Regards

    Rinat