Generate Initial Password on User Creation


With the help of Property Patterns, you can set up a template for generating initial user passwords. When creating a user via Adaxes Web Interface or Administration Console, the initial password is filled into the Password field on the user creation form. If a user account is created using a script or during data import and the Password (unicodePwd) property is not set, the password for the new user is generated according to the template.

It is possible to communicate initial passwords to new users by sending them an SMS. For details, see Send Initial Password to Users via SMS.

In this tutorial, you will learn how to configure built-in Property Pattern User Pattern to generate initial passwords for new Active Directory users.


  1. Launch Adaxes Administration Console.

    Expand Adaxes service \ Configuration \ Property Patterns \ Builtin and select User Pattern.


  2. In the section located to the right, click Add and select Password in the drop-down list.

  3. Specify a template for initial passwords.


    To create a unique password for each user you need to use value references (e.g. %username%). During user account creation, value references are replaced with corresponding property values of the new user account.

    Example:

    %username%-%employeeID%

    The value references contained in the template will be replaced with the values of the User Logon Name and Employee ID properties, and the generated password will look like johndoe-123321.


    To generate random passwords, you can use value reference %adm-RandomString%. For example, the following template: %adm-RandomString,12% can be used to generate a random password of the length of 12 characters.


    When finished, click OK.

  4. Click Save changes.

Any changes made to built-in Property Patterns can be discarded. To do it, right-click a Property Pattern and click Restore to Initial State in the context menu.

Different Patterns for Different Users

By default, Property Pattern User Pattern is applied to scope All Objects.



This means that the Property Pattern can be used to specify the same password template for all users in all domains managed by Adaxes. If you want to apply different settings for different Organizational Units or domains, you need to create a separate Property Pattern for each OU or domain.


  • Right-click Property Patterns, point to New and click Property Pattern.

  • Enter a name for the new Property Pattern and click Next.


  • On the Object Type page, select User and click Next.


  • On the Configuration page, configure options for a property and click Next.


  • To define the scope of activity for the Property Pattern, click Add.


  • In the Activity Scope dialog, select the following items:

    • Specific Domain - select to apply the Property Pattern to all users in a domain.
    • OU or Container - select to apply the Property Pattern to users in an Organizational Unit or container.
    • Group - select to apply the Property Pattern to members of a group.

      Assignments over group members are not applied during user creation.
    • Business Unit - select to apply the Property Pattern to members of a Business Unit. To select a Business Unit, open the Look in drop-down list and select the Business Units item.

    You can exclude specific Organizational Units, Business Units, groups, and domains from the activity scope of the Property Pattern. For example, if you've assigned the Property Pattern over the whole domain, but do not want it to apply to a specific Organizational Unit, you can exclude the Organizational Unit from the activity scope. To exclude an object, select the Exclude option in the Assignment Options dialog box.

    • Click the object you want to exclude.

    • In the Assignment Options dialog, select the Exclude option.


    • Click OK.
  • When done, click Finish.
Open tutorial filtering

Got questions?
Support Forum