Symantec Access Management

  • Private Community
 View Only
Back to discussions
Expand all | Collapse all

Is it possible to decrypt smpassworddata value so that we can check for the date when the user changed his passowrd?

  • 1.  Is it possible to decrypt smpassworddata value so that we can check for the date when the user changed his passowrd?

    Posted Oct 24, 2018 12:01 PM

    Is it possible to decrypt smpassworddata value so that we can check for the date when the user changed his password?



  • 2.  Re: Is it possible to decrypt smpassworddata value so that we can check for the date when the user changed his passowrd?
    Best Answer

    Posted Oct 24, 2018 12:09 PM

    KannanJ

     

    Tech Tip - CA Single Sign-On:Policy Server: Read Password Blob Utility 

     

    There is a caveat here, but I am assuming you are interested in "Last Password Change Timestamp". 

     

    Tech Tip - CA Single Sign-On:Policy Server: Read Password Blob Utility 

    The purpose of this article is to provide an utility to read these attributes from the Password Blob.

    Please note :

    • This utility will not be able read the Password History attribute from the Password Blob.
    • This utility is developed using SiteMinder Java SDK API and requires JDK to be installed on the box where it is running from.


  • 3.  Re: Is it possible to decrypt smpassworddata value so that we can check for the date when the user changed his passowrd?

    Posted Oct 24, 2018 01:40 PM

    Hi Hubert,

     

    Is this applicable for ODSEE User Directory?



  • 4.  Re: Is it possible to decrypt smpassworddata value so that we can check for the date when the user changed his passowrd?

    Posted Oct 24, 2018 02:10 PM

    KannanJ

    Yes it should work for LDAP and ODBC User Directory Objects, in the example AD was used for LDAP. Hence I believe it should work for ODSEE as User Directory.