Password Changes on Active Directory
Passwords modified on Active Directory are propagated
through the Identity Manager-Identity Synchronization for Windows deployment as described below (See Overview for illustration):
The user resets the password on Active Directory by
using the Change Password option in the Task Manager dialog of Windows.
Identity Synchronization for Windows detects
the change and sets a password invalid flag on the corresponding user entry
in the Identity Synchronization for Windows-managed Directory Server.
The user connects to Directory Server for the password change
to be complete (see On Demand Synchronization in the Sun Java System Directory Server Enterprise Edition 6.3 Installation
Identity Manager’s pwsync command
also detects the password change and propagates it to all other Identity Manager-managed
resources, except Directory Servers.