Active Directory management & automation

Generate Initial Password on User Creation

With the help of Property Patterns, you can set up a template for the generation of initial user passwords. If a new user is created using the User Creation wizard, the generated password will be automatically filled in to the Password field, sparing you from manual password input. If a user is created using a PowerShell/ADSI script or during data import, and the Password (unicodePwd) property is not defined, the user password will be automatically generated according to the specified template.

It is possible to generate unique passwords for each new user with the help of value references. For example, you can define the following template for initial passwords: %username%-secret. In this case, initial passwords will be set as the value of the user's login name plus '-secret' (e.g. johndoe-secret).

In this tutorial, you will learn how to modify the built-in Property Pattern User Pattern to generate initial passwords for new users. If necessary, you can create a separate Property Pattern for this purpose.

If some undesired changes were made to a built-in Property Pattern, you can discard all changes made to this Pattern. For this purpose, right-click the Property Pattern you need and click Restore to Initial State in the context menu.

1Launch Adaxes Administration Console, expand Adaxes service \ Configuration \ Property Patterns \ Builtin. Select the built-in Property Pattern User Pattern.

Select Property Pattern

2In the Result Pane (located to the right), click Add and select the Password property in the drop-down list.

Select the Password property

3 In the Add Property Pattern Item dialog, specify a template for initial passwords.

Specifying the password generation template

To set a unique initial password for each user, you need to use value references (e.g. %username%). When creating a new user, these value references will be replaced with the property values specified during user creation.

For example, if you enter the following template for user passwords: %username%%employeeID%, the value references contained in this template will be replaced with the values of the User Logon Name and Employee ID properties of the user (e.g. johndoe123321).

Alternatively, you can configure Adaxes to generate a random password by default. For example, the following template: %adm-RandomString,12% can be used to generate a random password of the length of 12 characters.

It is possible send the initial password to the users once their account is created. For details, see Send Initial Password to Newly Created Users via SMS.

When finished, click OK.

4 To save changes, click the Save button located at the bottom of the Result Pane.

Saving the changes

If you set simple passwords during user creation, it is highly recommended to force new users to change their passwords to strong ones at the first logon. For this purpose, you need to select the User must change password at next logon option for new users. Using Property Patterns, you can specify what user account options are set by default. For details, see Set Default Account Options for New Users.
? Waiting

Progress status: Checking...