Identity manager setting last name as unknown in AD issue
I am facing issues in Identiy manager as when i sych the user from AD to idm , the users whose last name is not set in active directory comes as unknown in IDM. Then same is sych to AD and user last name is also set to unknown in AD.
I don't want to set lastname as unknown in AD by IDM, kindly help me to know what changes i have to done in IDM so that it does not set lastname as unknown in AD.
Any help is highly appreciated .
If there is no value the driver will set it to unknown as you have seen.
You have to fill in a value for last name.
Have you looked at the trace? When the event is kicked off, is the Surname attribute in the XDS document?
When it is finally submitted to AD, what does it look like? If it was there and is missing, work backwards till you find what took it out.
This is why we almost always answer questins like this with "Show me the trace"
Definitely trace is the way to troubleshoot the issue.
Surname is a mandatory attribute for user class and we have no way to bypass it.
As a temporary solution, you can use the next logic in the matching policy:
If Surname not exist, set Surname as "unknown"
<do-if> <arg-conditions> <and> <if-op-attr name="Surname" op="not-available"/> </and> </arg-conditions> <arg-actions> <do-add-dest-attr-value name="Surname"> <arg-value type="string"> <token-text xml:space="preserve">Unknown</token-text> </arg-value> </do-add-dest-attr-value> </arg-actions> <arg-actions/> </do-if>