on 08-14-2015 2:12 PM
Hello,
Please advise on why an intial load from Active Directory into the main IDM 8 Identity store has the Display Name as the Unique Identifier showing in the Web UI. Shouldn't it be the SAMACCOUNTNAME. How can we change this and clean up the data that is currently in there from the initial load and consolidate the accounts based on the unique id. We currently have a demo system with AD and SAP accounts loaded and just recently were able to configure the HCM data loads.
Please also advise on the steps to enable IDM 8 with Office 365 if possible or links to documents. Is there a connector available for it?
Thanks,
Todd
Hi Todd,
As Matt said already , samaccountname is also unique ID in AD and should be mapped to MSKEYVALUE in IDM in initial load job.
I also was surprised to see displayname from AD to map with MSKEYVALUE in IDM.
But I changed the mapping in the initial load job and used samaccountname .
'name' to be replaced by 'samaccountname'.
regarding deletion of data already loaded due to old mapping of displayname, you would need to create custom job and define appropriate query to delete unwanted users with MSKEYVALUE in IDM as displayname (of AD).
Using From ASCII pass also list of users can be stored in runtime table and then another pass (To Identity store) deletes those unwanted users.
Regards,
Pradeep
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Todd,
It's all in how you map the attributes. Make sure you're mapping MSKEYVALUE to sAMAccountName. Also there's no problem if you map sAMAccountName to multiple IDM attributes.
Good documentation sources can be found here (Login required) andOut side of these sources, you'll need to use the SCN and SAP Support.
Matt
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
In each ToIdentityStore pass of the Initial Load jobs. As a good start you can set up an excel and write all systems with their attributes. Similar to this:
You can expand this with the AD attributes.
IdM attribute / AD attribute
MSKEYVALUE samAccountName
DISPLAYNAME displayname
MX_LASTNAME sn
and so on.
The most relevant attribute is MSKEYVALUE.
User | Count |
---|---|
83 | |
23 | |
11 | |
9 | |
8 | |
5 | |
5 | |
5 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.