Lieutenant
Lieutenant
344 views

Identity manager setting last name as unknown in AD issue

Hi ,

I am facing issues in Identiy manager as when i sych the user from AD to idm , the users whose last name is not set in active directory comes as unknown in IDM. Then same is sych to AD and user last name is also set to unknown in AD.

I don't want to set lastname as unknown in AD by IDM, kindly help me to know what changes i have to done in IDM so that it does not set lastname as unknown in AD.

Any help is highly appreciated .

Thanks

Dipesh

 

Labels (1)
0 Likes
6 Replies
Knowledge Partner Knowledge Partner
Knowledge Partner

Last name is a mandatory attribute so it has to have a value.
If there is no value the driver will set it to unknown as you have seen.

You have to fill in a value for last name.
0 Likes
Lieutenant
Lieutenant

No any way that that driver will not set unknown as last name in AD
0 Likes

There might no way to set it up.

 

Regards,

Chirag

0 Likes
Knowledge Partner Knowledge Partner
Knowledge Partner

It is mandatory in eDir too, so not sure how you could even get to such a case, unless some policy/filter choice is removing it.

0 Likes
Knowledge Partner Knowledge Partner
Knowledge Partner

Have you looked at the trace?  When the event is kicked off, is the Surname attribute in the XDS document?

 

When it is finally submitted to AD, what does it look like?  If it was there and is missing, work backwards till you find what took it out.

This is why we almost always answer questins like this with "Show me the trace"

0 Likes
Knowledge Partner Knowledge Partner
Knowledge Partner

Definitely trace is the way to troubleshoot the issue.

Surname is a mandatory attribute for user class and we have no way to bypass it.

As a temporary solution, you can use the next logic in the matching policy:

If Surname not exist, set Surname as "unknown"

<do-if>
	<arg-conditions>
		<and>
			<if-op-attr name="Surname" op="not-available"/>
		</and>
	</arg-conditions>
	<arg-actions>
		<do-add-dest-attr-value name="Surname">
			<arg-value type="string">
				<token-text xml:space="preserve">Unknown</token-text>
			</arg-value>
		</do-add-dest-attr-value>
	</arg-actions>
	<arg-actions/>
</do-if>
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.