Dirsync: Password Sync - Target passwords are overwritten with the source password after a workflow
说明
ODM AD Dirsync: Password Sync - Target passwords are overwritten with the source password after a workflow. The target user changes their password in the target. The next time this user's source object is updated via an attribute update, and the Dirsync workflow is run, the target account's password is changed to back to the source password.
原因
This is working as designed. Password sync will always keep the target password matching the source password in a one way password sync scenario. If the change to the password in target will be authoritative, then a a two way password sync will be required to sync the target password and update the source account.
解决办法
A two-way bi-directional workflow will need to be configured for syncing and matching from target to source. This requires additional matching step to match users not only from source to target, but also target to source. Stage and write to the source are not required as passwords will be synced back to the source, following the matching direction, by the background password sync.