Hello experts,

Can someone tell me if we can keep group membership of a group assigned by a business role after termination? We have the AD account deferred for 90 days after termination. 

Thank you,

Lu

Hi

Version: OIM 8.2

is possible to block or to limit acess from a specifc ADSAccount (used for suport cases) to the Web portal, the method used  Actually for login is Active Directory user Account (Manual Input/Role Based)

the question is if have some…

Maulik Nayak portrayal of 'Bhaglo' is a character who communicates volumes through silence. In the film 'Hellaro,' 'Bhaglo' is a pivotal figure who conveys a deep range of emotions and experiences without uttering a word. Nayak's performance is a testament…

Hi!
I would appreciate your help with:
1. Is there a way to create a container based on Department for a specific domain and assign a user? I tried using Synchronization Editor but only what it removed existing containers
2. When creating a user, a mail…

Hi to all!

I've configured an Active Directory connector using the remote connection plugin, it seems to work correctly except for the simulation function. When I click the simulate button I get no any results, but when I run the sync project it performs…

Hi

Is there a report available that we can use to tell us differences between what One Identity believes is in Active directory (ADSAccount) and what is actually in Active directory?

For example: We have identified quite a few ADSAccount records where…

Hi,

I have a request from customer about the possibility to give Full Control Permissions over an Active Directory Computer through One Identity Manager 8.1.5, maybe through request on ITSHOP.

The reason is about having the permissions to make a rejoin…

Hi,

I've encountered the following error when running Active Directory Initial Synchronization.

[System.Exception] Error carrying out the user_protectedfromaccidentaldeletion_Get operation on object CN=ASPNET,CN=Users,DC="blank",DC=lan (Error: [System…

Hello group!!

Recently, we have decommissioned an Active Directory domain and now what we want to do is remove it from IDM and all of its related objects.

After doing some search in the One Identity documentation, I have found this stored procedure QB…

Hi,

Currently we are using version 8.1.3.

Once in a while the client team review the log of the synchronization  project "SAPHR" (CSV File import).

The log contains a few error messages regarding Synchronization step "Person".

Usually…

Hello 

I have a little problem with active directory group assignment.

I want the disable users group to be added to the active directory account when the user is disabled.

I also want it to be removed from all other groups except this group.

What should…

Hello,

I'm trying to provision a hierarchical structure of OUs to AD. One of the problems I have is that in OIM I've created, at the same hierarchical level, multiple OUs with the same name. This seems to be allowed in OIM, but not allowed in AD; and…

Hi Team,

AD sync is continuously failing with error,

ErrorMessages (2022-05-12 11:56:52.830) [2134003] Error executing synchronization.
[1777018] Error executing synchronization project (Active Directory Domain (DC=***,DC=INT))'s workflow (Active Directory…

Hi Team,

I have set-up birth right AD group at root location so all users who are on-boarded getting added to that group but while applying the setting AD group was added to all inactive users as well.

How can we limit this to only active users?

I need help to create a connector with active directory, make a synchronization project and create users, if possible I would like a documentation on how to do these procedures...

Version: 8.1.4

I'm trying to create users inside the "Manager", but not synchronize I get the message in the report: "The object of type (ADSAccount) was ignored during synchronization." - "Reason: The object has pending process steps".…

I'm trying to sync my active directory (windows server 2016) with One identity manager but the installation doesn't recognize my Job server.
I tried to release the sync permission by the Designer but the application does not finalize the command…

I published and reset the outstanding group object in Active directory however it is reverting to be outstanding. What should be the best way to fix the outstanding object? I need to to publish it as the user is in need of the group membership in AD but…

We received a hint from our colleagues, who administrate the Active Directory, that we can exclude user objects, which have the value 2048 in the attribute userAccountControl.

We have done first tests with our own schema class - in our opinion this worked…

Hello!

1IM 8.1 SP2.

We try create synchronization project for Active Directory. DC Active Directory is place in DMZ.

We have opened on DC only ldap(s) – 389 (ldap), 636 (ldaps), 88 (Kerberos), 53 (DNS) ports. In process loading schema we have crush report…

Hi Community,

While I am trying to update the AD account attribute in ADSAccount table, the OOTB process "ADS_ADSAccount_Update/(De-)activate" triggers and it is erroring out in the provisioning step with the following error.

Error executing synchronization…

Hi Community,

I have been trying to provision an AD account, and created an provisioning workflow for that in the synchronization editor. But, whenever I try to update any parameter in the ADAccount table the following OOTB process "ADS_ADSAccount_Update…

I have AD groups assigned to Department with inheritance - how to assign this groups only to employees in this department which meet the condition?

Hello Dears,

I am integrating Active Directory with One identity Manager.

When I create a synchronization project through synchronization editor I am facing the following error

"ADSDomain: The following fields are compulsory and need to be filled: Forest…

Hi Fellow Experts,

Hope everyone is doing well.

A quick question, I'll be apply a scope filter to only sync 1 OU (at target system side) in synchronization project which will make 95% of the objects Outstanding.

Now, will deleting the Outstanding…