Hello,
I need help to assign offboarding groups to AD accounts, managed with account defintion, when identity got disabled and AD account too.
I have a business role with the account definition that is removed when the identity is disabled and another…
Hi everyone,
I have a scenario in One Identity Manager where a user already exists in the One Identity environment with a defined and valid password. However, this user does not yet exist in Active Directory.
When I assign an Account Definition to trigger…
Hello All,
I get an Error for Account Def assignment.
ErrorMessages (2025-03-24 16:58:11.117) [810077] ADSAccount: The following fields are compulsory and need to be filled: Canonical name, Name, Distinguished name, Login name (pre Win2000).
This is a…
[2134003] Error running synchronization.
[1777018] Error running synchronization project (Active Directory Domain (DC=AD-LAB,DC=LOCAL))'s workflow (Provisioning).
[1777124] Error running synchronization step (computer) of synchronization configuration…
(2025-02-14 18:39:00.097) [2134003] Error running synchronization.
[1777018] Error running synchronization project (Active Directory Domain (DC=AD-LAB,DC=LOCAL))'s workflow (Initial Synchronization).
[1777292] Error connecting system (Active Directory…
(2025-02-14 18:39:00.097) [2134003] Error running synchronization.
[1777018] Error running synchronization project (Active Directory Domain (DC=AD-LAB,DC=LOCAL))'s workflow (Initial Synchronization).
[1777292] Error connecting system (Active Directory…
Is there the possibility to show in One Identity the last login in Azure?
The new version 9.3 will introduce this possibility?
Hello experts.
I am turning to you becouse I'm running out of ideas as to why there is a task "Synchronize this object" present in DEV environment, but not in PROD environment.
We created a first time installation at our customer in DEV…
Hey guys,
How can I change the display pattern of the result list of AD groups when I try to assign a group to an AD user?
Right now it shows the display names of the groups, but I want to change it to the CN.
I am talking about the interface where…
Hi,
Normally we have set the deferred deletion period 7300 days (20 years.) It means we don't want the accounts are deleted. But we have an exceptional situation for if a new identity certification was denied then we want to delete Identity and all…
I am having requirement to define the Azure AD group to get added for Standard and Cloud admin. I do not see any reference number in MPFM for this requirement. Do we have any link to see category and reference number
Hi
We are using Identity Manager On-demand Starling 8.2.1
We don't have an Active Directory test environment so the way we get past this is to enable "Read-Only" mode on the Production target system connector within our Test environment.…
We have created a dynamic role assignment and assign a certain AD group to it.
The AD group appears in OIM to be added to the user, however it was not reflecting/applying to actual AD.
No frozen jobs found in job queue. We are using version 9.0 LTS.
Also…
What is the good practise regarding the updating of user accounts in the scenario of where the person gets married?
*disclaimer* I am currently pre-implmentation certified (all theory no practise), so I have done the courses and certifications but have…
Hello experts,
Can someone tell me if we can keep group membership of a group assigned by a business role after termination? We have the AD account deferred for 90 days after termination.
Thank you,
Lu
Hi
Version: OIM 8.2
is possible to block or to limit acess from a specifc ADSAccount (used for suport cases) to the Web portal, the method used Actually for login is Active Directory user Account (Manual Input/Role Based)
the question is if have some…
Maulik Nayak portrayal of 'Bhaglo' is a character who communicates volumes through silence. In the film 'Hellaro,' 'Bhaglo' is a pivotal figure who conveys a deep range of emotions and experiences without uttering a word. Nayak's performance is a testament…
Hi!
I would appreciate your help with:
1. Is there a way to create a container based on Department for a specific domain and assign a user? I tried using Synchronization Editor but only what it removed existing containers
2. When creating a user, a mail…
Hi to all!
I've configured an Active Directory connector using the remote connection plugin, it seems to work correctly except for the simulation function. When I click the simulate button I get no any results, but when I run the sync project it performs…
Hi
Is there a report available that we can use to tell us differences between what One Identity believes is in Active directory (ADSAccount) and what is actually in Active directory?
For example: We have identified quite a few ADSAccount records where…
Hi,
I have a request from customer about the possibility to give Full Control Permissions over an Active Directory Computer through One Identity Manager 8.1.5, maybe through request on ITSHOP.
The reason is about having the permissions to make a rejoin…
Hi,
I've encountered the following error when running Active Directory Initial Synchronization.
[System.Exception] Error carrying out the user_protectedfromaccidentaldeletion_Get operation on object CN=ASPNET,CN=Users,DC="blank",DC=lan (Error: [System…
Hello group!!
Recently, we have decommissioned an Active Directory domain and now what we want to do is remove it from IDM and all of its related objects.
After doing some search in the One Identity documentation, I have found this stored procedure QB…
Hi,
Currently we are using version 8.1.3.
Once in a while the client team review the log of the synchronization project "SAPHR" (CSV File import).
The log contains a few error messages regarding Synchronization step "Person".
Usually…
Hello
I have a little problem with active directory group assignment.
I want the disable users group to be added to the active directory account when the user is disabled.
I also want it to be removed from all other groups except this group.
What should…
