When I change IDM user CN.the samaccountnam doesn't change

iearth · ‎2018-12-06

Hi

I try to connect the IDM with an AD, I want to set up when I change IDM user CN.the samaccountname must change too.
Now When I Change IDM CN the userprincipalname is change only but the samaccountname is not.

**note
In the filter policy sync value is set as sync already in each attribute.

thanks.

Alex McHugh · ‎2018-12-06

iearth wrote:

>
> Hi
>
> I try to connect the IDM with an AD, I want to set up when I change IDM
> user CN.the samaccountname must change too.
> Now When I Change IDM CN the userprincipalname is change only but the
> samaccountname is not.
>

The mapping is not so direct between CN in IDM and CN/sAMAccountName/UPN in AD

> **note
> In the filter policy sync value is set as sync already in each
> attribute.
>

That is a mistake, you should not have CN to sync in both directions. This will
cause errors. See this old KB article.
https://support.microfocus.com/kb/doc.php?id=10100761

For a modern AD driver, generally: CN should be subscriber=ignore and
publisher=notify. (for Users)

There are options under "Name Mapping Policy" in GCVs you should use instead.
IIRC

Logon Name Mapping=true
User Principal Name Mapping: Follow Identity Vault name

--
If you find this post helpful, and are viewing this using the web, please show
your appreciation by clicking on the star below

Alex McHugh - Knowledge Partner - Stavanger, Norway
Who are the Knowledge Partners
If you appreciate my comments, please click the Like button.
If I have resolved your issue, please click the Accept as Solution button.

Engine-Drivers

Re: When I change IDM user CN.the samaccountnam doesn't change