1 Answer
0
I am not exactly sure how the AWS IAM Identity Center (previously called AWS SSO) is configured to connect with your on-premises AD. No password information is synchronized to IAM Identity Center; only the user, group, and membership information is synchronized to IAM Identity Center.
=== Extracted from the IAM Identity Center documentation ===
IAM Identity Center uses the connection provided by the AWS Directory Service to synchronize user, group, and membership information from your source directory in Active Directory to the IAM Identity Center identity store. No password information is synchronized to IAM Identity Center, since user authentication takes place directly from the source directory in Active Directory.
answered a year ago
That's right, Ronald, and thanks for the feedback. The point is exactly that: implement a password reset mechanism that interacts with Active Directory (if possible). Currently, every 3 months a user must contact the supplier who manages the AD to request a password change.
You can search for Self-Service Password Reset for Active Directory. There are a number of software tools available.
Thanks for the feedback, Ronald. I am aware of this software; the idea was not to use third-party software but to make it possible for users to carry out the procedure via the SSO page. Apparently, I do not believe there is an alternative.