Symantec IGA

Hi,

Is there a way to select or specify endpoints for password propagation after password reset event?

Arij

Hello Arij,

My understanding is if you have endpoint A, B and C. You only want passwords to update on endpoints A and B on a password reset and not C? On the accounts tab, there are options for you to look at to see if these are something that would work out for you.

A option I see is "Account is sensitive and cannot be delegated". Would this be something that could be possible for you? If these options aren't what you are looking for, I can look into other suggestions for you.

Thank you,

Andrew Nguyen

Hello Andrew,

The option "Account is sensitive and cannot be delegated" will not allow the credentials to be used by even trusted applications.

Moreover this is an option set in a account template, and is good only at creation time.

I would love to hear your further suggestions and ideas.

Thank you,

Arij

Hi Arij,

In the provisioning manager, look at the endpoint properties - right click or double click on your endpoint. In the 'Endpoint Settings' tab, you will see an option called "Disable password propagation to accounts'. All password updates to all users in that endpoint will not take place. 

Cheers,

Marline

Hi Marline,

That setting would be endpoint-wise. I'm looking for fine-grained user-level control.

Based on business logic, we want to be able to select endpoints for password propagation dynamically for each user.

Thank you,

Arij

Hi Arij,

Correct. This is endpoint wide. There is no capability to do fine grained selection.

Regards,

Marline