delete directory in Identity and Authentication

What are the risks of deleting and re-adding the directory in Identity and Authentication?

Might some rules, configuration or security policies be lost? Which security policies could be affected?

And if I try to delete it, a pop-up is displayed with this:

"This object is referenced by User salvalaggio, User jallemand.......(50104)"

What is the meaning of this?

Please help me.

Thanks a lot

  • Hi Dario,

    Is there a reason you need to delete the Directory Provider in Identity and Authentication?

    The pop-up message is saying that you have existing AD users that are using the Directory in Identity and Authentication as their Directory Provider, and therefore it would not allow the deletion unless the AD users are deleted first. But this will remove all configurations related to the AD users and is not a recoverable change unless you restore from backup.

    Thanks!

  • Great Tawfiq, yes, there is a reason and I will try to explain it to you in the best way.

    The customer needs to integrate Azure as a second authentication factor, so I did the configurations for another identity and authentication provider (Azure) in Safeguard. I followed this link from the KB: Configuring Microsoft’s Azure AD Federation with Safeguard (233671) (oneidentity.com)

    It is absolutely not complicated.

    So, it didn't work and I opened a ticket. After support analysis they told me to modify an AD attribute on the Safeguard tab, that is, the External Federation Authentication parameter (from mail to UserPrincipalName), but I can't do this modification of the attribute because I get an error ("Specify either an account by ID or credentials, not both. (60409)").
    Support has NEVER responded to this error. The only proposal is to delete the directory and redo it but I'm afraid of the consequences.

    So, if the problem is only related to the 10 users indicated in the pop-up that appeared when trying to delete the directory, I can delete them and recreate them manually with their entitlements etc. But how is it possible that these users are referenced? What does it mean? How did they do it? It's a pity that I cannot attach this pop-up.

    Thank you for your worry and your analysis. 

  • You can check the user objects in SPP to confirm: from the Users pane, double-click on the user and check the Identity tab and Authentication tab, which can show if these are linked to the same directory provider listed in Identity and Authentication.

  • Yes, I confirm that for all 10 users the Identity tab and the Authentication tab show the same directory provider. But only 5 users are still active. So I am thinking of deleting the directory and recreating only these 5 active users with all their configurations, entitlements and so on. What do you think? Thank you really very much!!!

  • Hi Dario,

    If this was a proposed solution via an existing service request then you can certainly continue working with support on this.

    Thanks!
