• Insert DepartmentHasADSGroup via process chain results in a "Violation of PRIMARY KEY constraint ... Cannot insert duplicate key in object" - Error

    This error does not occur when i assign the same assignment in the manager.

    And this is my expected behavior.

    Before the assignment, i have an indirect assignment and after the assignment i want to have a direct, indirect assignment (Xorigin = 3).


  • Exchange online connector with existing ADConnet


    Two years ago, we had One Identity manager 8.1.

    We have a sync project to Azure AD tenant.

    We had done a project to migrate users from Exchange OnPremise to Exchange Online.

    We did not use One Identity manager for that. We used ADConnect.


  • 401 Unauthorized response through API

    Hi everyone,

    This is my Powershell script to login:



    $authJson = ConvertTo-Json $bi -Depth 2

    $LoginRequest2 = Invoke…

  • Any queries or some type of way to get the system roles and entitlements associated with all employees

    Looking for a query or some type of way to get the system roles and entitlements associated with all employees, any ideas that can help would be greatly appreciated it

  • Any ideas or queries on how to pull all the system Roles and entitlements associated with employees?

    Need to pull employee entitlements and system roles

  • I am taking input of a particular attribute in from OneIdentity manager and want to insert in the same table if it's empty.I want to insert "CCC_Context_UUIDPARAM" value in SQL table, please guide the process of writing the value in SQL. Than

    Dim f As ISqlFormatter = Connection.SqlFormatter
    Dim collectionUsers As IColDbObject = Connection.CreateCol("CCC_Context_Identifier_Def")

    collectionUsers.Prototype.WhereClause = (f.Comparison("CCC_Context_UUID","ContextUUIDParam", ValType.String…

  • Policy Violation Without Condition

    What is the purpose of a no-conditional policy?

  • Retain account definition assignment if permanently disabled

    Hi all,

    I created an Account definition and forgot to uncheck 'Retain account definition assignment if permanently disabled'. Is there a way to removed that check box? It is greyed out. I have 1000 people with the assignment and cannot recreate it because…

  • Sync from Azure AD (standard and delta)


    1. When running the regular sync from Azure a lot of groups get NULL as GroupTypes even though they're labeled as Dynamic in Azure.

    2. When running the delta sync from Azure a lot of groups get "System.String[]" as GroupTypes.


  • One Identity Manager 9. Database in maintenance mode due "Triggers disabled"

    Hi all!

    After deploying a transport package, the database entered into maintenance mode due "Triggers disabled". The error message looks like 

    "A system maintenance is running. Contact your system administrator. Reason: Triggers disabled"…

  • Numerous User accounts which were disabled more than 63 days ago are still left in Active Directory

    Hello ,

    I have a requirements to remove users were disabled more than 63 days ago in Active Directory . The service account that I am using have a right privelege to remove users in One Identity Manager . However users that has 1 admin count can't be…

  • One session for user on web portal

    Hi everyone,

    Is there a way to set only one session for a user? Nowadays, users can open different sessions on web portal with different Web Browser.

    If possible, I want that when a user is logged in on the web portal, if the same user tries to log in…

  • How to check an event in the process generating condition


    I need to check in a process generating condition if the event is an insert or it is an update.

    Can you help?

    Thank you,


  • Error in un-linking admin AD account to person record

    Hi All, 

    I am having an error [810025] ADSAccount: Write permission denied for value "UID_Person". when I try to un-assign the admin account to a person record. What could be the best approach to remove the admin account to the person record 

  • Unable to input the password to Create a new SQL Server Logins for the database in Configuration Wizard as it is greyed out, and even unable to use other options as I get different error messages.

    Hello Everyone,

    I'm having a weird issue, I'm not sure if the approach is correct or wrong, as I'm completely new to OIM, and this is happening while creating new SQL Server Logins for the administrator in Configuration Wizard.

    Version: 9…

  • How can I determine account definition removal?


    We have been seeing some Person's getting removed from an Account Definition by SA. I'm not certain why these have occurred. Nothing fired any of the retain account definition options. Can someone tell me how I can determine why this is happening…

  • Unable to connect with the service account for one of a client while trying to enter the user account for installing and operating the service.

    Dear All,

    Currently, we are having an issue with one of our clients and this is a new implementation project for OIM, with OIM 9.1 version.

    Steps to reproduce:

    1) We have created a path for the installation of OIM in folder C:\OIM\One IdentityManager9…

  • Change Manger through Web Portal

    Hi everyone,

    I use OIM version 81.5 and I want to change a default behaviour of OIM in the Web Portal.

    When a manager wants change his subordinates' manager, he click on the subordinate, then on "Master Data" and finally on the button "Assign new manager…

  • User SA in XUserInserted/Updated

    Who does the IDM refer to when the user who changed or created was the SA?

  • Duplicate ADSAccount Objects

    Some accounts are mysteriously being duplicated in IDM pointing to the ObjectGUID and SID of the original object, however not existing in IDM, not following the cause, has anyone experienced this or know of a solution? If so, what would be the best way…

  • Where can I find documentation on PowerShell connect for IDM?

    Hi, I am currently in need of training for using PowerShell connectors for Identity Management (IDM). However, I couldn't find any clear documentation. Can you please guide me on where to download the relevant documents?

  • Revision filter supported by which connectors

    What are the connectors that support the revision filter? Why doesn't Azure AD support revision filter? Would it be possible for connectors like Azure AD to receive revision filter?

  • In V9.0 LTS profileHasAuthObjectField step, while synching SAP authorization details from Target System it is not synching the data when records are huge

    In V9.0 LTS profileHasAuthObjectField step, while synching SAP authorization details from Target System it is not synching the data when records are huge.

    This step at first instance was supposed to fetch around 80 millions of records which is not able…

  • missing internal name information


    Reaching out to anyone who may have seen this issue. A person fills out the web portal form to insert a user and it allows the field to get populated. The internal name does not generate like the first name is missing and the central account is not…

  • How do StringErrors work in IDM?

    I would like to know how StringErrors work, for example the message that is displayed on the Login screen "[1205002] You are not authorized to use this database.", it is not translated (and it is not even found in the DialogMultiLanguage table), neither…