AD provisioning and authentication problem!

[Fabrizio Alongi]

HI,
I’m new to OpenIAM. After correctly installed it with Docker and setup AD powershell connector I have imported all my active directory users into OpenIAM platform.
I’ve configured two identity provider, one with default local IP of my VM and one with fqdn address like openiam.company.com.
I’ve also configured the fqdn identity provider with Managed authentication system that use AD powershell connector as primary authentication method.

All of my users into OpenIAM has two identities… one for every identity provider.

My problem is that I can login every users with local ip identity provider … but I can’t do that with the fqdn identity provider that could authenticate users with my active directory.
Also, if I reset user’s password for both authentication manager, my Active Directory doesn’t receive this change (new password).

Do my workflow is correct?
I need to use other components or I must investigate some technical issue?
AD powershell connection manager is all I need or I need to use other connectors?

Thank you in advance for any help.
Bye

[suneet_shah]

Hi Fabrizio,

Nice work on getting this far. The authentication policy is linked to a content provider.
What you are seeing is that your default content provider is linked to the OpenIAM ID.

The content provider is mapped to a URL or domain. In this way

local.company.com will map to one managed system-id
idm.ompany.com can be configured to map to another

You cant use both managed system identities at the same time.

Regarding password synch – are both your managed system configurations active? or only one of them?

[Author]

Posts