• De-Federating with ADFS/Azure

    We're moving our authentication from AD FS to Azure (Entra) authentication and a managed domain instead of Federated.    Has anyone done this before?  Are there any items we need to be on the lookout for?  Will we have more attributes that can be updated…

  • Disabled full managed AzureAD accounts license assignment

    Hi,

    Our customer wants to implement a functionality in One Identity that would remove all entitlements except one from the Azure AD accounts of users who are in the leaver process and are disabled. The accounts currently have account definitions assigned…

  • AAD Sync Project - Error on starting Initial Sync

    Hello everyone!

    I am using OIM v9.0 LTS. I transported a working Azure AD Project and adapted the connection variables according to the new environment. Browsing into the Targetsystem is possible so I assume that Application ID, Domain and Key are correct…

  • How to customize invite email when creating new Guest type Azure AD user account

    Can we customize invite email when creating new Guest type Azure AD user account?

    For now, whenever we are creating a new Guest user account via Azure AD connector in One Identity Manager, it is creating a guest user in Azure but sending invite email…

  • Azure AD authentication against Azure SQL Database

    Hello OIM community,

    We are using One Identity, running the database as an Azure SQL Database, with OIM servers running containerized on Azure cloud. We would like to start authenticating with Azure SQL Database using Azure Active Directory instead of…

  • How to assign automatically Distribution Groups

    Hi,

    I have to assign automatically Azure AD distribution groups to some accounts if they have the mailbox enabled and also depending of their location.

    Do you have any suggestions?

    Thank you,

    Elena

  • OIM 8.2 does not sync every Azure AD changes from target system to OIM

    Hi all,

    i have the following problem. We have configured a daily full sync of azure ad accounts. For some accounts, OIM does not recognize changes on extensionattributes, which where made in the azure ad. Also read object does not work.

    What can i do…

  • OIM 8.2 does not sync every Azure AD changes from target system to OIM

    Hi all,

    i have the following problem. We have configured a daily full sync of azure ad accounts. For some accounts, OIM does not recognize changes on extensionattributes, which where made in the azure ad. Also read object does not work.

    What can i do…

  • Microsoft licensing control

    Hi Team,

    Can we sync Azure AD last logon from Azure to 1IM via Azure OOB connector sync project?

    We are using version 8.2

    I raised ticket with support as well, but they responded me to connect with PSO Team.

  • Revision filter supported by which connectors

    What are the connectors that support the revision filter? Why doesn't Azure AD support revision filter? Would it be possible for connectors like Azure AD to receive revision filter?

  • NLog

    I found the script that runs the delta sync to Azure and in that script there is a reference to NLog..I need to find out if the script actually did anything, how can I find that logfile?

    This is the line in the script
    Dim log As NLog.LogSession = New NLog…

  • Azure AD connector : Error : Unable to update the specified properties for on-premises mastered Directory Sync objects or objects currently undergoing migration

    Hello,

    We have a synchronization project with an Azure AD tenant.

    In the same time, we launched a project to migrate Exchange on-premise users to Exchange online.

    We are using Ad connect synchronisation.

    The users are created first in One identity…

  • EXH_EX0Organization_CreateHybridLinks

    Hello Team,

    EXH_EX0Organization_CreateHybridLinks is failing in production for the last 2 days with error :

    Error executing script 'EXH_LinkEXHRemoteMailboxesToOffPrem'.

    [System.ArgumentException] An item with the same key has already been added…

  • Office 365 group subscribers

    Members, owners, and subscribers can be assigned to Office 365 groups.

    What's the difference between members and subscribers?

  • issue with azure accounts

    Hello Experts,

    May I know who sets the flag OnPremisesSyncEnabled for AADuser account?

    I am seeing some of the accounts are not set with this flag so location details from on-prem AD is not updating in AZURE AD so when 1IM assigns licence to azure AD job…

  • Azure AD connector

    Hi,

    We are trying to connect to Azure AD through out of the box connector in sync project. We provided AppID, domain and the user account credentials.

    But we are getting the error [Microsoft.IdentityModel.Clients.ActiveDirector.AdalServiceException]:…

  • Azure AD module installation

    Hi,

    We are trying to install Azure AD module in one of our instances. Before the installation it asks for jobqueue and dbqueue tables to be empty.

    How could we make sure that all existing tasks and jobs get processed and nothing new gets triggered before…

  • Azure AD module

    Hi,

    We have recently installed Azure AD module in one of our existing one identity manager(v 8.0) instances. The installation and the database update were successful and I could see AAD tables in the database. Also, we are able to successfully connect…

  • Azure AD User sync error

    Hi,

    We have recently set up azure sync in our project. We are currently testing out the import of Azure AD schema into our database. The sync for groups and other schema types is working fine. But for users sync we are getting the below error for all…

  • Update Sync Project not possible

    I've just upgraded from 8.1.3 to 8.1.4 because I needed to apply a patch for my SCIM sync projects.  I start the Sync Editor, and choose "Upgrade Sync Project".  I immediately receive the error:

    CS0234: The type or namespace name 'Patch33399…

  • Azure AD Sync Project: Insufficient privileges to complete the operation.

    Can't getting the sync working for connecting to Azure AD.

    What could i possibly do wrong?

    I followed the docs in adding the necessary API permission.

    But still getting the error below.

    FYI: it happens during setting up the sync project at the point…

  • Azure read only for attestations

    I have a use case for attesting to Azure DirectoryRole assignments. This is the only use case we have for connecting to Azure from OneIM. The customer is hesitant to grant us the permissions of Global Admin as discussed in the OneIM documentation as we should…
  • Interoperability Microsoft AAD Connect and Identity Manager Azure AD Connector

    I'm not yet sure what is the best setup for integration Azure AD as target system.

    We need hybrid users (with SSO), so AAD Connect is required anyway.
    It is required as well for other purpose like device management.

    Now I see the following two options…

  • How to Synchronize Active Directory and Azure with 4 different domains of Active Directory and AzureAD to OneIM out of them 1 AD and 1 Azure tenant is already connected to oneIM.

    HI,

    I have a requirement to manage multiple domains of AzureAD and Active Directory from One IM.

    I feel this is a normal Use-case and I feel product support this.

    Need help in understanding below:

    • I have to synchronize only few limited User Account object…
  • Unable to pass UsageLocation for Azure AD from One IM

    Hi,

     

    I am trying to map Usage location field in Azure AD from One IM. Mapping is available in sync editor but the value is not getting assigned in target. Please help