Skip to Content

SAP IdM to AD - keep current value and add additional without overwriting

Jan 13, 2017 at 09:26 AM


avatar image


is there a possibility to provision a field like for example "description" from IdM to AD without overwriting the text which exists already in AD field description?

Just extend the existing text with the new one which is coming from IdM.

Kind regards


10 |10000 characters needed characters left characters exceeded
* Please Login or Register to Answer, Follow or Comment.

3 Answers

Sergius Karsten Jan 16, 2017 at 10:30 AM

Hi Matt,

thanks for the response.

Just by the way, I saw a lot of posts from you which helped me already with some issues so thanks for that :-)

The dot operator to my knowing only writes the value when adding an entry, but not when modifing, correct?

I try to explain my case a little bit clearer.

We have already an existing AD entry where the attribute descrition contains text for example: "This is the description".

What I want now is when I do a modify of this AD entry SAP IdM should write into the field description for example "edited by IDM" but also keep the existing value. "This is the description"

So the result in AD should be for field description: "This is the description edited by IDM". I have tried to do so in the ToLDAPdirectory pass, but until now without success...

Show 1 Share
10 |10000 characters needed characters left characters exceeded

Hi Sergius, always happy to help.

This is also possible. Just do something like

IDM will concatenate the two values and write them to the designated AD attribute. You can also do this via a script.

Hope it helps!


toldap1.jpg (168.7 kB)
Hendrik Winkler Jan 25, 2017 at 09:48 AM

Hey Sergius,

I'm happy to get corrected here, but I think this not possible without deeply messing with the LDAP connector.

You could read the value firsthand and write back the combined key. But you probably already thought of this.

Did you already find a solution?


Show 1 Share
10 |10000 characters needed characters left characters exceeded

Hi Hendrik,

thanks for you reply. Thats the way I realized it in the meantime. I created a job to load the current description in an temporary table. also a script that copies the current description, extends with the new and writes it back to AD.

Matt Pollicove
Jan 13, 2017 at 01:42 PM

Hi Sergius,

This is actually pretty simple to do. All you need to do is use the dot operator for the DESCRIPTION field. This link should help you:

Please let us know if you have any other questions.



10 |10000 characters needed characters left characters exceeded