We have a small number of users who authenticate locally with the PC. We're seeing that some of their passwords seem to become invalid after some time. Is there a way I can see/verify passwords stored in the PC to investigate what is happening?
Thanks in advance,
What do you mean by "locally with the PC"? Through the GUI, the CLI, something else?
The authentication type (when editing user) is set to "performance center" - that's in the GUI. When looking there the passwords are all ********. Is there a rest call that can be made to get a user's password? I'm trying to see what the passwords are being changed to (I know what was set in the GUI before it stopped working). I keep having to go back in the GUI and set the passwords back.
That is odd. What's the specific PM release involved?
Do you also have any SSO configured like LDAP or anything along those lines?
Yes, we have SSO and SAML configured. Most of our users authenticate externally, but a few of us (admins) authenticate locally on the PC. I noticed this because my account is being effected. Any time I want to use the odata query builder I have to reset my password in the PC GUI to what I originally set it to. It's being changed somehow.
Do you have two accounts? One that was created manually in CAPC and set to Performance Center authentication type and one that was created automatically through SAML2 and set to External?
Along those same lines, is the user name logged in with for PC/internal authentication the same user name that would or could be used to login with SSO via SAML?
I just have the one account in PM and yes the username is the same as would be used if I were authenticating with SAML.
You may be running into the account being mixed up with the SAML2 version of the account. Next time you see this, can you log in with your domain credentials?
What if you create a second account manually on CAPC, one that is not named the same as your domain credentials, do you still run into the problem?
How are things going for this problem David?