Browse By Tags

  • Not all OU in 1IM DB after Active Directory Syncronization (Missing some OUs)

    Hello! 

    1IM 8.1. SP2. 

    I created Sync Project Active Directory. 

    I did not change scopes or filters. 

    Not all OU inserted ADSContainer table after syncronization.

    Logs has not errors about OU. 

    In test enviroment with test AD all ok.

    Why it did?    

  • Delay in execution of Password Reset and Account Unlock operations

    Hello everyone. We have one custom script in the production which is performing password reset and account unlock operations on the domain. This script is called by an external application (IVR Solution) with AD SAMAccountName as input parameter and script…

  • New-QADUser cmdlet Issue when logging the account creation event

    So when using the new-qaduser cmdlet, see below, The Event Log for event 4720 on the DC its connecting to to create the user account shows:

    Security ID: Domain\testing3
    Account Name: $2RG100-UU7PKQ1Q51GA
    Account Domain: Domain

    Attributes:
    SAM Account…

  • Secure Privileged Access in a Hybrid Active Directory World

    The ubiquitous use of Microsoft Active Directory (AD) and Azure AD in 95 percent of the global Fortune 1000 companies make it the primary target of cyberattacks. Now, as more and more organizations integrate their Privileged Access Management (PAM) into…

  • Need to understand the traffic generation from AD connector and Native Database connector

    Hello,

    We are using version 8.1.3 and we are using AD connector and Native Database connector which has connectivity with One IM database via Application Server. This is our QA environment and there is no major activity going on between One IM database…

  • Getting error in AD synchornization to Update

    Hi,

    Getting error while running AD Synchronization to Update. Synchronization inserting to AD from one identity manger is fine.

    Error As follows

    [System.DirectoryServices.DirectoryServicesCOMException] There is no such object on the server.

    Regards,

  • Business role for active directory groups take a long time to add users

    Hello,

    Has anyone seen any issues with adding users to groups through a business role?

    We have a few that we need to add users to upon creation. It seems to take a good while before the users get added to the group.

    The business role is assigned but the…

  • Synchronization Person Table to Active Directory

    Hello, 

    I'm actually in the following case:

    When I create a user in the OiM WebPortal, the User is created in the Person Table in the DB. 

    How can I do to send this user created to the ADSAccount table? 

    I just want to automatically synchronize the user…

  • Automatic removal of ADSMachines from an ADSGroup

    I have design one custom request form on the IT shop where a user will provide hostname of his/her domain joined machine and custom process will add that machine in one Active Directory group. This is working perfectly fine!

    Now I have to create a custom…

  • KuppingerCole Executive View on One Identity Active Roles

    With Microsoft Active Directory (AD) and Azure Active Directory (AAD) in 95 percent of Fortune 1000 organizations worldwide, the hybrid AD environment is a huge target for cyberattacks. It’s a challenge to manage and secure AD/AAD account lifecycle management…

  • ActiveRoles Management Shell for Active Directory version 1.6

    Hi team,

    I know that ActiveRoles Management Shell for Active Directory version 1.5 was last free version post that they have mentioned it should be commercial software but however no details on version 1.6 if it is free or commercial, because 1.7 mentioned…

  • Are we bouncing back or adjusting to a new way to work?

    As most companies and organizations adjusted to the abrupt change, I must admit that I missed some of the challenges they were facing. Our company, One Identity – which is a Quest Software business, was probably more prepared than most since a good portion…

  • Exchange Properties of users are not getting open for some users

    Hello,

    We are recently facing the issue on few users for whom we are not able to open exchange properties. Other tabs are working fine, but when we select exchange properties in ARS portal after opening user general properties, it takes time and finally…

  • Error creating ADSAccount with Account Definition

    Hi All,

    OneIM version it's 8.1

    We have the next problem creating the ADSAccounts with an Account Definition:

    ErrorMessages	(2020-05-29 12:05:31.517) [810023] Error during execution of statement: insert into QBMPwdHistory (DateInserted, HashValue,…

  • Welcome to My World – How to Easily Handle a Sudden Storm of Active Directory Provisioning Tasks

    This current global health crisis has created chaos and hardship for individuals, families, companies and governments. With events canceled or postponed, offices closed and personal routines put on hold, life as we previously knew it, quickly changed…

  • Mismatch AD versions

    Hi Experts

    Hope  you are doing well. We are using Identity Manager 8.0 and currently our Active directory version in our production environment is below –

    • Forest Functional Level (FFL) 2003
    • Domain Functional Level (DFL) 2008R2
    • OS 2008R2
    • Schema …
  • Is it a big risk if we have different schema version of AD in prod and pre-prod environment

    Hi Experts 

    We are using Identity manager version 8 and We have two AD one for Prod and another for non-prod. Both are align to same schema version that was 47

    However Recently there are some changes and non-prod AD upgraded to schema version of 87. If…

  • AD sync project doesn't dump all the accounts

    Hello everyone,

    I have created a sync project with an AD domain. I can dump the information into One Identity 8.1. The problem is that seems there is 400 accounts in the domain, however, I can only dump about 80 accounts into the system. I did not see…

  • Bouncing Back from Forced Change – the Active Directory Angle

    As you know, recent events forced nearly every organization in the world to quickly adjust the status of its workforce. Whether it was to transition office-based workers to remote access, to temporarily furlough employees with the intent to bring them…

  • Web Portal - AD Authentication for employees

    Dear fellow experts,

    Just need some pointers for my use case and I was hoping someone can point me in the right direction.

    I have Employees (Person Objects) who have ADSAccount linked to them. I would like them to authenticate to the Web Portal using…

  • Assigning AD group to Business Role via API

    Looking for information on assigning AD Groups to a Business Role via the API.

    I think I may have found the correct assignments table but I cannot seem to get it to work: OrgHasADSGroup

    I have tried using it both ways with Group / Role (Org Tree) like…

  • Single Employee attribute update from ADS Account for all employees.

    Hi,

    Quick question, If I need to update only one attribute (say DefaultEmailAddress of Person) from AD user object (mail) for all persons after an Active Directory Synchronization Run, do I just modify the script , or is there an OOTB approach for this…

  • Provision AD and Exchange from One Identity if DNS cannot resolve the domain

    Hello everyone, we recently upgraded our exchange from 2010 to 2016 in Production (Currently one IDM is connected to exchange 2010 and we have both exchange 2010 and 2016 in our production. However, soon they will decommission the 2010 version). I need…

  • AS400 / AD integration

    Team,

    We at JDA currently using Authentication services and integrated our Unix servers with AD.

    Now, we are also looking to integrate our AS400's / IBM i 7.3 servers to AD.

    Could any one please advise me which one of your solutions will help us in integrating…

  • AIX.5.3/VAS 3.5.2 and I broke a server

    I'm in way over my head.  My vas expert left the company.  I was moving some files from server to server in /etc/opt/quest/vas, and inadvertently copied everything in the folder to a different server.  As you probably guessed, this entirely broke the…