Verify Synchronized Target Account Passwords

On the Target Accounts page (Credentials, Manage Targets, Accounts), accounts are displayed with many details, including whether they are verified. The Verified column displays only when synchronization is enabled.
capam32
On the Target Accounts page (
Credentials, Manage Targets, Accounts
), accounts are displayed with many details, including whether they are verified. The
Verified
column displays only when synchronization is enabled.
Some operations, such as Account Discovery, require an account to be verified. 
2
Verify Account Passwords using the UI
Use the following procedure to verify a synchronized target account password from the UI.
Follow these steps:
  1. Select
    Credentials
    ,
    Manage Targets
    ,
    Accounts
    . A list of target accounts appears.
  2. Double-click the target account whose password you want to verify.
  3. Select the Verify Credential icon (a blue person with green checkmark), located to the right of the Password field.
    A message indicating successful password verification appears.
Verify Account Passwords using the CLI
To verify synchronized target account passwords with the CLI, use the 
verifyAccountPassword
command.
Follow these steps:
  1. Search target accounts to retrieve the target account ID:
    capam_command adminUserID=admin capam=mycompany.com cmdName=searchTargetAccount TargetAccount.userName=account1
  2. Enter your password at the prompt. Credential Manager returns the following XML command string.
    <CommandResult> <cr.itemNumber>0</cr.itemNumber> <cr.statusCode>400</cr.statusCode> <cr.statusDescription>Success</cr.statusDescription> <cr.result> <TargetAccount> <Attribute.descriptor2>Lab</Attribute.descriptor2> <Attribute.changePasswordAfterViewing>true</Attribute.changePasswordAfterViewing> <Attribute.descriptor1>Vienna</Attribute.descriptor1> <ID>1233</ID> <createDate>Mon Nov 12 15:42:43 EST 2007</createDate> <updateDate>Mon Nov 12 15:42:43 EST 2007</updateDate> <createUser>admin</createUser> <updateUser>admin</updateUser> <hash>q3/BaUy9uPvtbUkKgIrXvgseGt8=</hash> <targetApplicationID>1</targetApplicationID> <userName>account1</userName> <password>14adc6a1a720e58ee52032364b98f95b</password> <accessType>A</accessType> <cacheAllow>true</cacheAllow> <cacheDuration>20</cacheDuration> <privileged>false</privileged> <synchronize>false</synchronize> <passwordVerified>false</passwordVerified> <lastVerified>Mon Nov 12 15:42:43 EST 2007</lastVerified> </TargetAccount> </cr.result> </CommandResult>
  3. Run the following command:
    capam_command adminUserID=admin capam=mycompany.com cmdName=verifyAccountPassword TargetAccount.ID=1233
  4. Enter your password at the prompt. Credential Manager returns the following XML command string.
    <CommandResult> <cr.itemNumber>0</cr.itemNumber> <cr.statusCode>400</cr.statusCode> <cr.statusDescription>Success.</cr.statusDescription> <cr.result> <TargetAccount> <privileged>true</privileged> <aliases></aliases> <password>{1}8ae8e633c1fa6020bfb7695e17f83f18</password> <lastUsed></lastUsed> <passwordViewPolicyID>1000</passwordViewPolicyID> <targetApplicationID>1222</targetApplicationID> <userName>sqlaccount1</userName> <accessType></accessType> <cacheDuration>30</cacheDuration> <synchronize>true</synchronize> <cacheBehavior>useCacheFirst</cacheBehavior> <lastVerified>Tue Apr 05 11:47:40 UTC 2011</lastVerifi ed><lastViewed></lastViewed> <passwordVerified>true</passwordVerified> <compoundAccount>false</compoundAccount> <targetApplication></targetApplication> <cacheAllow>true</cacheAllow> <targetServerAlias></targetServerAlias> <ID>1233</ID> <Attribute.extensionType>mssql</Attribute.extensionType> <Attribute.useOtherAccountToChangePassword>false</Attribute.useOtherAccountToChangePassword> <Attribute.cspm_serverkeyid>1</Attribute.cspm_serverkeyid><Attribute.descriptor1></Attribute.descriptor1> <Attribute.descriptor2></Attribute.descriptor2> <createDate>Tue Apr 05 11:44:37 UTC 2011</createDate><extensionType>mssql</extensionType> <updateUser>admin</updateUser><updateDate>Tue Apr 05 11:47:40 UTC 2011</updateDate> <createUser>admin</createUser><hash>EuufPEVlFusXtH6XF3rs7BbEJFY=</hash> </TargetAccount> </cr.result> </CommandResult>
If the password is not verified, the attribute
passwordVerified
returns a "false" value; for example,
<passwordVerified>false</passwordVerified>
.