AD Driver - Move User to another OU in AD - Micro Focus Community

rs_0 · ‎2016-01-12

Does anyone know of a good way to move a user from one Active Directory
OU to another via the Active Directory Driver?

IDM 4.0.2
Driver Version 3.5.14

--
stampsr
------------------------------------------------------------------------
stampsr's Profile: https://forums.netiq.com/member.php?userid=7353
View this thread: https://forums.netiq.com/showthread.php?t=55116

Alex McHugh · ‎2016-01-12

stampsr <stampsr@no-mx.forums.microfocus.com> wrote:
>
Does anyone know of a good way to move a user from one Active Directory
OU to another via the Active Directory Driver?
>
> IDM 4.0.2
> Driver Version 3.5.14

This is standard functionality in ad driver.
Just determine what trigger event you want to turn into a move.

Do-move-dest-object token is your friend here.

--
If you find this post helpful and are logged into the web interface, show
your appreciation and click on the star below...

Alex McHugh - Knowledge Partner - Stavanger, Norway
Who are the Knowledge Partners
If you appreciate my comments, please click the Like button.
If I have resolved your issue, please click the Accept as Solution button.

geoffc · ‎2016-01-12

On 1/12/2016 10:52 AM, Alex Mchugh wrote:
> stampsr <stampsr@no-mx.forums.microfocus.com> wrote:
>>
> Does anyone know of a good way to move a user from one Active Directory
> OU to another via the Active Directory Driver?
>>
>> IDM 4.0.2
>> Driver Version 3.5.14
>
> This is standard functionality in ad driver.
> Just determine what trigger event you want to turn into a move.
>
> Do-move-dest-object token is your friend here.

The often confusing part is that the destination is a OU DN, not the
final user object DN. I.e. Do not specify the
cn=Username,ou=ouName,dc=whatever,dc=com rather ou=ouName,dc=whatever,dc=com

rs_0 · ‎2016-01-12

I actually tried that, and didnt have much luck. I figured it was just
a function for eDirectory moves. I will re-evaluate my syntax and see
if I missed something. Thank you.

--
stampsr
------------------------------------------------------------------------
stampsr's Profile: https://forums.netiq.com/member.php?userid=7353
View this thread: https://forums.netiq.com/showthread.php?t=55116

geoffc · ‎2016-01-12

On 1/12/2016 11:24 AM, stampsr wrote:
>
> I actually tried that, and didnt have much luck. I figured it was just
> a function for eDirectory moves. I will re-evaluate my syntax and see
> if I missed something. Thank you.

I am pretty sure it needs to be in LDAP syntax to move in AD. I do not
think the OU needs to be associated though, butI could be wrong.

Alex McHugh · ‎2016-01-12

Geoffrey Carman <geoffreycarmanNOSPAM@NOSPAMgmail.com> wrote:
> On 1/12/2016 11:24 AM, stampsr wrote:
>>
>> I actually tried that, and didnt have much luck. I figured it was just
>> a function for eDirectory moves. I will re-evaluate my syntax and see
>> if I missed something. Thank you.
>
> I am pretty sure it needs to be in LDAP syntax to move in AD. I do not
> think the OU needs to be associated though, butI could be wrong.
>

OU doesn't need to be associated
DN should be in LDAP

Or you can specify association value (still doesn't need to actually be
associated in IDM)

--
If you find this post helpful and are logged into the web interface, show
your appreciation and click on the star below...

Alex McHugh - Knowledge Partner - Stavanger, Norway
Who are the Knowledge Partners
If you appreciate my comments, please click the Like button.
If I have resolved your issue, please click the Accept as Solution button.

rs_0 · ‎2016-01-12

Thank you both for your help, turned out to be an issue with the
attribute I was trying to trigger off. Everything is working now.

--
stampsr
------------------------------------------------------------------------
stampsr's Profile: https://forums.netiq.com/member.php?userid=7353
View this thread: https://forums.netiq.com/showthread.php?t=55116

AD Driver - Move User to another OU in AD

Engine-Drivers