We would like to change the passwords for all the users in PPM, they are all LDAP authenticated. Would the script kConvertUserPasswords.sh convert passwords for users that are authenticated by LDAP, or would it work on PPM authentication only.
When you specify LDAP authentication in a user's entry, PPM will connect to the LDAP directory to validate the password value. PPM validates the user's password by connecting with the user's identity and password.
We use AD as our LDAP directory. AD does not allow the password to be read. PPM does not have the authority to change the password values in AD, and probably would not be allowed to do this with other LDAP directories, either. Password maintenance in the LDAP directory is a function that will be managed by the owner of the directory, not PPM.
The user import report can set the users to use PPM authentication but cannot set the users' passwords to the value in LDAP. The report does allow you to specify a default password that will be applied to all users.
I have not used the kConvertUserPasswords.sh script, but it could only be changing the password values in the PPM user table. These values are used only when PPM authentication is used and are ignored if LDAP authentication is specified.
We actually had a Database Refresh from Production to our Dev Instance and all users are LDAP authenticated, we do not want users to start using Dev for any purpose, hence I wanted to check if I use the script to change passwords, would it actually change all passwords in the database, or would not since they are LDAP authenticated.
We do not want the passwords in the LDAP server to be updated. ( which PPM should not allow too).