The documentation for the Active Directory Password synchronisation plugin currently shows the IDM URL example as:
Configuring the password capture plugin with this results in a HTTP 400 from IDM with the response:
There are 2 issues here:
- The samaccountname parameter should be enclosed in single or double quotes
- For most installations this queryFilter will fail because there is no uid in the default managed user object.
The correct URL for this should be: