Hi,
While creating and before assigning Account Definitions, I have created the mappings for the following attributes:
ADSAccount - IsGroupAccount
ADSAccount - UID_ADSContainer
For the attributes
3) ADSAccount - UID_HomeServer and
4) ADSAccount - UID_ProfileServer…
Hello,
I need help to assign offboarding groups to AD accounts, managed with account defintion, when identity got disabled and AD account too.
I have a business role with the account definition that is removed when the identity is disabled and another…
Hi everyone,
I have a scenario in One Identity Manager where a user already exists in the One Identity environment with a defined and valid password. However, this user does not yet exist in Active Directory.
When I assign an Account Definition to trigger…
Hello All,
I get an Error for Account Def assignment.
ErrorMessages (2025-03-24 16:58:11.117) [810077] ADSAccount: The following fields are compulsory and need to be filled: Canonical name, Name, Distinguished name, Login name (pre Win2000).
This is a…
(2025-02-14 18:39:00.097) [2134003] Error running synchronization.
[1777018] Error running synchronization project (Active Directory Domain (DC=AD-LAB,DC=LOCAL))'s workflow (Initial Synchronization).
[1777292] Error connecting system (Active Directory…
(2025-02-14 18:39:00.097) [2134003] Error running synchronization.
[1777018] Error running synchronization project (Active Directory Domain (DC=AD-LAB,DC=LOCAL))'s workflow (Initial Synchronization).
[1777292] Error connecting system (Active Directory…
Is there the possibility to show in One Identity the last login in Azure?
The new version 9.3 will introduce this possibility?
Hey guys,
How can I change the display pattern of the result list of AD groups when I try to assign a group to an AD user?
Right now it shows the display names of the groups, but I want to change it to the CN.
I am talking about the interface where…
I am having requirement to define the Azure AD group to get added for Standard and Cloud admin. I do not see any reference number in MPFM for this requirement. Do we have any link to see category and reference number
What is the good practise regarding the updating of user accounts in the scenario of where the person gets married?
*disclaimer* I am currently pre-implmentation certified (all theory no practise), so I have done the courses and certifications but have…
Hi!
I would appreciate your help with:
1. Is there a way to create a container based on Department for a specific domain and assign a user? I tried using Synchronization Editor but only what it removed existing containers
2. When creating a user, a mail…
Hello,
I'm trying to provision a hierarchical structure of OUs to AD. One of the problems I have is that in OIM I've created, at the same hierarchical level, multiple OUs with the same name. This seems to be allowed in OIM, but not allowed in AD; and…
Hi Team,
I have set-up birth right AD group at root location so all users who are on-boarded getting added to that group but while applying the setting AD group was added to all inactive users as well.
How can we limit this to only active users?
We received a hint from our colleagues, who administrate the Active Directory, that we can exclude user objects, which have the value 2048 in the attribute userAccountControl.
We have done first tests with our own schema class - in our opinion this worked…
Hello!
1IM 8.1 SP2.
We try create synchronization project for Active Directory. DC Active Directory is place in DMZ.
We have opened on DC only ldap(s) – 389 (ldap), 636 (ldaps), 88 (Kerberos), 53 (DNS) ports. In process loading schema we have crush report…
I have AD groups assigned to Department with inheritance - how to assign this groups only to employees in this department which meet the condition?
Hello Dears,
I am integrating Active Directory with One identity Manager.
When I create a synchronization project through synchronization editor I am facing the following error
"ADSDomain: The following fields are compulsory and need to be filled: Forest…
Hi Everyone,
We have a requirement while creating a new contractor manually from the IT shop, Joining Date should be automatically populated as the current date,
so that users cannot select the previous date, and in the case of leaving date, past dates…
Hi all, I have a sets of user and I added a license on their department all user where to sync properly into AD but among them there is one user who does does not sync into the ad properly when I check the AD it is missing the License. I am currently…
Hi again, I have a problem regarding the deactivating an Active Directory account. It appears that the account is already INACTIVE in One Identity but still active on ACTIVE DIRECTORY.
Hi
I would like to get data about Expiry date from AD - parameter msDS-UserPasswordExpiryTimeComputed
As I checked it is the same forma as AccountExpires parameter.
Where I do not find solution is how can I create vrt property to transfer this number to…
My AD Account Provisioning has stopped working. It always fails with the error "not all mandatory properties are defined". It is complaining about "cn, objectClass, sAMAccountName".
To eliminate moving parts, I go to the Sync Editor…
Hello!
1IM 8.1. SP2.
I created Sync Project Active Directory.
I did not change scopes or filters.
Not all OU inserted ADSContainer table after syncronization.
Logs has not errors about OU.
In test enviroment with test AD all ok.
Why it did?
Hello,
I'm actually in the following case:
When I create a user in the OiM WebPortal, the User is created in the Person Table in the DB.
How can I do to send this user created to the ADSAccount table?
I just want to automatically synchronize the user…
I have design one custom request form on the IT shop where a user will provide hostname of his/her domain joined machine and custom process will add that machine in one Active Directory group. This is working perfectly fine!
Now I have to create a custom…
