Browse By Tags

  • Exchange Properties of users are not getting open for some users

    Hello,

    We are recently facing the issue on few users for whom we are not able to open exchange properties. Other tabs are working fine, but when we select exchange properties in ARS portal after opening user general properties, it takes time and finally…

  • Error creating ADSAccount with Account Definition

    Hi All,

    OneIM version it's 8.1

    We have the next problem creating the ADSAccounts with an Account Definition:

    ErrorMessages	(2020-05-29 12:05:31.517) [810023] Error during execution of statement: insert into QBMPwdHistory (DateInserted, HashValue,…

  • Welcome to My World – How to Easily Handle a Sudden Storm of Active Directory Provisioning Tasks

    This current global health crisis has created chaos and hardship for individuals, families, companies and governments. With events canceled or postponed, offices closed and personal routines put on hold, life as we previously knew it, quickly changed…

  • Mismatch AD versions

    Hi Experts

    Hope  you are doing well. We are using Identity Manager 8.0 and currently our Active directory version in our production environment is below –

    • Forest Functional Level (FFL) 2003
    • Domain Functional Level (DFL) 2008R2
    • OS 2008R2
    • Schema …
  • Is it a big risk if we have different schema version of AD in prod and pre-prod environment

    Hi Experts 

    We are using Identity manager version 8 and We have two AD one for Prod and another for non-prod. Both are align to same schema version that was 47

    However Recently there are some changes and non-prod AD upgraded to schema version of 87. If…

  • AD sync project doesn't dump all the accounts

    Hello everyone,

    I have created a sync project with an AD domain. I can dump the information into One Identity 8.1. The problem is that seems there is 400 accounts in the domain, however, I can only dump about 80 accounts into the system. I did not see…

  • Bouncing Back from Forced Change – the Active Directory Angle

    As you know, recent events forced nearly every organization in the world to quickly adjust the status of its workforce. Whether it was to transition office-based workers to remote access, to temporarily furlough employees with the intent to bring them…

  • Web Portal - AD Authentication for employees

    Dear fellow experts,

    Just need some pointers for my use case and I was hoping someone can point me in the right direction.

    I have Employees (Person Objects) who have ADSAccount linked to them. I would like them to authenticate to the Web Portal using…

  • Assigning AD group to Business Role via API

    Looking for information on assigning AD Groups to a Business Role via the API.

    I think I may have found the correct assignments table but I cannot seem to get it to work: OrgHasADSGroup

    I have tried using it both ways with Group / Role (Org Tree) like…

  • Single Employee attribute update from ADS Account for all employees.

    Hi,

    Quick question, If I need to update only one attribute (say DefaultEmailAddress of Person) from AD user object (mail) for all persons after an Active Directory Synchronization Run, do I just modify the script , or is there an OOTB approach for this…

  • Provision AD and Exchange from One Identity if DNS cannot resolve the domain

    Hello everyone, we recently upgraded our exchange from 2010 to 2016 in Production (Currently one IDM is connected to exchange 2010 and we have both exchange 2010 and 2016 in our production. However, soon they will decommission the 2010 version). I need…

  • AS400 / AD integration

    Team,

    We at JDA currently using Authentication services and integrated our Unix servers with AD.

    Now, we are also looking to integrate our AS400's / IBM i 7.3 servers to AD.

    Could any one please advise me which one of your solutions will help us in integrating…

  • AIX.5.3/VAS 3.5.2 and I broke a server

    I'm in way over my head.  My vas expert left the company.  I was moving some files from server to server in /etc/opt/quest/vas, and inadvertently copied everything in the folder to a different server.  As you probably guessed, this entirely broke the…

  • How can we have Active Directory account same privileges as Viadmin user

    Hi,

    We are using version 8.0 and we have a requirement where in we don't want to use system user credentials to log in to the tools and instead we want to use Active Directory account credentials. In order to achieve this, we need to have viadmin privileges…

  • One Identity: Globale Umfrage offenbart Bedeutung und Auswirkungen von „Pass the Hash“-Angriffen sowie die diesbezügliche Verunsicherung und hebt den Bedarf an Best Practices beim Privileged Access und Active Directory Management hervor

    • Die Umfrage unter mehr als 1.000 IT-Sicherheitsexperten offenbart die geschäftlichen Auswirkungen eines Angriffs mithilfe von gestohlenen Administrator-Anmeldedaten, auch unter dem Namen „Pass the Hash“-Angriff bekannt
    • Zwei von fünf…
  • Les entreprises françaises sont la cible de nombreuses cyberattaques de type « Pass-the-Hash »

    L’étude mondiale de One Identity met en lumière qu’au niveau mondial la gestion des accès à privilèges, et de l’Active Directory, au sein des entreprises reste sommaire au risque de laisser leur réseau entier exposé aux cybercriminels utilisant la technique…

  • You Can Live a Dual Life – Use Cases and Solutions for a Hybrid World

    Hannah Montana was right: you can have the best of both worlds. Though the late 2000s teen queen was singing about her secret double life as a high-flying pop star and a down-to-earth high school student, it turns out that that life goal now also applies…

  • Unable to delink Employee Record from an old AD account

    Hi Gurus,

    Fairly new here so please be kind with my terminologies. In our OIM, we have HR Personnel information coming from Oracle eBusiness Suite (EBS)

    A certain personnel was turned from Contractor to Full time employee, and hence a new AD account was…

  • Can Pauline Find Productivity without AD-Centered Identity Management?

    Which introductory experience do new hires to your organization get? Are they able to login on their first day and access all necessary resources to do their basic job? Or… are they temporarily assigned a left-over cubicle with no phone, computer or network…

  • Connection error occurs in AD processes

    Hi,

    Sometimes we face issue while executing AD processes or saving AD object and the error is "Connection to ADSDomain could not be detected". We then compile the database and restart the service, tools and then re execute the process and it…

  • Unable to sync a multivalue column in Active directory from One Identity manager

    Hello Team,

    We have created a String type column and marked it as Multi-valued in ADSAccount table as we want to sync the column values in AD "Proxy Address" attribute which is a multi-valued. We are unable to sync the value in AD and neither we are able…

  • active directory group membership sync base on xOrigin

    Hi

    Can anyone please help me out of the below requirement. 

    During the active directory group sync, I want to delete all the direct (Xorigin = 1) membership from 1IM if memberships are not present in AD however if memberships are indirect (xOrigin> 1)…

  • Active Directory Authentication not working

    Hi,

    We are trying to setup AD authentication following the guide:

    https://support.oneidentity.com/identity-manager/kb/239053/sso-single-sign-on-is-not-working-for-the-web-portal

    But, we don't want to disable the anonymous Authentication.

    And It is…

  • Why account definition is checked when Department is updated for any user?

    Hi Experts,

    I tried to update few attributes in AD for the user like firstname, lastname, description, department. I have noticed that with only department change the account definition is again checked for the user and accordingly the container of the…

  • Starling Connect extends your identity administration and governance capabilities to the cloud

    You already know the amazing capabilities of One Identity Active Roles and how it simplifies and centralizes provisioning and deprovisioning processes for your Active Directory and Azure Active Directory-controlled identities. You know that it provides…