Hi Karthikeyan,
If Portal uses AD as the user store for the UME and if the IdM user interface gets installed on this portal, than all three systems use exactly the same single password for authentication which is stored in AD. At least for this little scenario there is no need for syncronization.
You might want to discuss syncronization of passwords if other systems like other ABAP based systems get involved. However, I do not like password syncronization at all because it leads to the fact that IdM knows all productive passwords of all users. Well, the passwords are encrypted in the IdM database but I hate the idea that a developer who has access to the MMC of IdM can get these passwords.
Go for Single Sign-On!
Cheers
Frank
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.