Browse By Tags

  • Assigning AD group to Business Role via API

    Looking for information on assigning AD Groups to a Business Role via the API.

    I think I may have found the correct assignments table but I cannot seem to get it to work: OrgHasADSGroup

    I have tried using it both ways with Group / Role (Org Tree) like…

  • Provision AD and Exchange from One Identity if DNS cannot resolve the domain

    Hello everyone, we recently upgraded our exchange from 2010 to 2016 in Production (Currently one IDM is connected to exchange 2010 and we have both exchange 2010 and 2016 in our production. However, soon they will decommission the 2010 version). I need…

  • AS400 / AD integration

    Team,

    We at JDA currently using Authentication services and integrated our Unix servers with AD.

    Now, we are also looking to integrate our AS400's / IBM i 7.3 servers to AD.

    Could any one please advise me which one of your solutions will help us in integrating…

  • Unable to delink Employee Record from an old AD account

    Hi Gurus,

    Fairly new here so please be kind with my terminologies. In our OIM, we have HR Personnel information coming from Oracle eBusiness Suite (EBS)

    A certain personnel was turned from Contractor to Full time employee, and hence a new AD account was…

  • active directory group membership sync base on xOrigin

    Hi

    Can anyone please help me out of the below requirement. 

    During the active directory group sync, I want to delete all the direct (Xorigin = 1) membership from 1IM if memberships are not present in AD however if memberships are indirect (xOrigin> 1)…

  • Active Directory Authentication not working

    Hi,

    We are trying to setup AD authentication following the guide:

    https://support.oneidentity.com/identity-manager/kb/239053/sso-single-sign-on-is-not-working-for-the-web-portal

    But, we don't want to disable the anonymous Authentication.

    And It is…

  • AD Sync based on group membership assignment

    Hi Experts

    I am trying to achieve some sync task however not sure what is the best solution. the task is - 

    If any group membership missing in AD however the membership present in IAM, during the sync the action should be 

    • If the membership in Identity…
  • Configuring Samba Client on RHEL 7 to access a windows share

    Hi,

    I am relatively new to the Quest One Identity software . 

    I am working on configuring  Samba client on Red Hat Linux REHL 7  to access a windows share . 

    We have Quest One Idenity implemented (VAS 4.0) with PAM authentication from Active  directory. We…

  • Could not create account in Active Directory complaining on password policy

    Hi Experts 

    I am getting a password policy violation error while adding ADSAccount to the target.

    Please find the error below - 

    ErrorMessages () [1777018] Error executing synchronization project (Active Directory Domain )'s workflow (Provisioning).…

  • One Identity Manager - Active Directory Synchronisation

    Hello,
    Novice on the tool, I need help with the synchronization of the active directory and one identity manager.
    After installing, and trying to sync, the information on my active directory is not the same as that of one identity manager.

  • Virtual property for behavior

    Hello!

    I'm trying to add a virtual property to ADSAccount (user) to get the TSBBehavior ITDataUsage of an ADSAccount, with the intention of using the value in mapping conditions to control the rogue modification correction.

    I have added an Object Reference…

  • Administrative Policy returned an error when adding user to ou group via Active Roles

    I received the following error when we try and provision a user to a specific group in AD. We use ARS in our implementation. Is this a fix we need to make on our side or does it relate to a permission on the AD side?

    Method ( (Update)) could not be executed…

  • ADS_ADSDomain_SearchandCreate_Person_PostSync - error messages

    Hello Experts,

    ADS_ADSDomain_SearchandCreate_Person_PostSync  is frozen is with below error

    Error messages : 

    ErrorMessages = (2018-11-07 18:33:58.230) [810222] Error executing script 'ADS_PersonAuto_Mapping_ADSAccount'.
    [System.Exception] Error…

  • Creating Home Folder in AD using exact credentials

    I have a problem with the creating of home folder for AD Accounts. We don't have Job Service on the home server, so I had to customize default process to make this process to be executed by our job servers.

    Everything works fine in development environment…

  • What is the difference between One Idm Active directory version vs Normal version vs Governance version.

    What is the difference between One Idm Active directory version vs Normal version vs Governance version. In all version having all the features.What the feature wise lacking of different versions and its advantage.

  • Changing the default shelf where Ad groups are auto-published

    Hello experts,

     

    We would like to publish our AD Groups in another shelf different from the default one. Version 7.1.2.

     

    We have tried to edit the script “ADS_AssignADSGroupsToITShop” which, as far as we know, contains the instruction to publish it in…

  • Insert ADSGroup not triggered after create a new ADSGroup using a sync project from CSV to ADSGroup

    Hello,

    I have two sync projects in my environment. One for AD sync and another one to create ADSGroups based on the info that I have in a CSV. The groups are created correctly, but the Insert task for ADSGroup is not triggered.

    If I trigger the insert…

  • Upgrade to Awesome with Identity Manager - Part One

    Upgrade from Identity Manager 6.x - Synchronization

    Welcome to the first installment of our Upgrade to Awesome blog series, in it we'll take a look at the performance boost in version 7 connectors. This is important to understand as we prepare for the…

  • Everything You Ever Wanted to Know About Active Directory Management and Security but Were Afraid to Ask

    A little while back I was reviewing anecdotal stories from some of our One Identity solutions customers. I found an alarming theme across a number of them. Alright it was alarming for these customers but encouraging for me and the IAM solutions I represent…

  • How to update account manager from one identity manager to Active Directory?

    Hi ,

    we are updating Manager field while creating identity in one IM, user is getting created successfully into ADSAccount table.

    But user manager details are not populating. We have done mapping between objectkeymanager to manager (ObjectKeyManager …

  • How to force AD attribute update when no change occured in OneIM?

     Hello,

     

    I would like to provision some AD attributes based on the values I have in OneIM knowing that no changes occured in OneIM.

     

    We are using OneIM 7.1.2 and Active Diretory 2012. We already had an almost "out-of-the-box" AD synchronization project…

  • Initial domain sync fails for DC in untrusted domain

    Hola,

     

    Ok so I have AD sync working fine from our integrated domain, but when adding a domain where there is no trust, I am having issues getting the sync to work.

    Couple of notes:

    • I am able to configure the connection in the Sync editor and browse the…
  • Why will the O attribute in AD not update?

    Hello,

    I have an attribute in AD that will not update in 6.14.

    I've added this attribute like I have with several others and for some dang reason it will not update.

    Can anyone tell me what would cause this to not push?

    I see it in the process orchestration…

  • Assign ITShop resource based on AD

    Hello!

    We have groups in AD, published them to ITShop.

    How can I assign resources which connected to this groups for poerson whos accounts are members of this groups?

    So T have group in AD named Test Group, members are "test user 1" and "test user 2"…