Encrypted Data Synchronization

The Encrypted Data Synchronization task goes over the objects re-encrypting the values using the newest key.

Note: The Encrypted Data Synchronization task is not enabled upon installation, you must create the task from the New Task dropdown menu.

The task encrypts the following attributes / types by default:

• Application secret configuration attributes

• User passwords

• Password history

• Users challenge questions

• Activity / Target source configurations

• Integration configuration password attributes

In cases such as integration configuration and unstructured target sources the task looks for encrypted values with the password in the name. You can also add a configuration attribute, IIQSecretAttributes, to either type names to define which attributes are targeted during a re-synchronization.

<entry key="IIQSecretAttributes">
<value>
<List>
<String>mySecret1</String>
<String>mySecret2</String>
<String>password</String>
</List>
</value>
</entry>

The task enables you do disable the following three categories of objects:

• Applications – which enabled application, activity and target source updates

• Identity

• Integration configuration