How to sync AD userCertificate attribute from user.

Hi All,

We are using One IAM 8.1.3.

I want to sync userCertificate attribute from AD user object to One Identity database.

I don't see any column with binary data type on ADSAccount table.

So I extended ADSAccount table and created custom column with Binary data type.

When I execute simulation then I get below error.

[1777023] Schema property (CCC_userCertificate@ADSAccount) only accepts data of type (System.Byte[]).
The value to write (System.Byte[][]) is however type (System.Byte[][]).

When I checked I found that userCertificate property is marked as Multi-value on Active directory side in sync editor and I can't edit it.

Also custom attribute from ADSAccount I can't change to Multi-value  as check box is gryed out in designed and can't be changed.

Could you please tell me how can we sync this userCertificate attribute.

Thank you in advance.

Kind Regards,

DG

Top Replies

  • Hi dnyandev garad,

    you have two options:

    1st - in your mapping rule you may check the box "Handle first property as single value" on target system side; this will provide always the first value

    2nd - create a new virtual property using the "MVP converter" on target system side; you are able to extract each single value from MVP. Finally use the virtaul property in your mapping rule.

    Regards,

       Tino