Creating a user in Active Direcory
Hi,
Here is the scenario.
I am loading accounts into IdM through flatfile, after loading accounts into IdM, through actvesync I am trying to push any updated or new accounts into Active Directory.
but I am unable to create account in AD, strangely I am not seeing any error too.
test connection was successful and I reconciled AD, unmatched accounts gets loaded into Idm.
any ideas please....why I am not able to load accounts from IdM to AD?
In the activesync form I specified waveset.resources field to AD(resource name) and viewOptions.Process field to CreateUser(workflow name). I specified the CreateUser workflow in the pre-process workflow option.
am I doing in the right way?
Any ideas please..
Thanks
# 1
Make sure the resources field is a list, not a string. Also make sure that the AD accountId is stuctured correctly. ie cn=accountId, ou=users, etc...
# 2
Thanks for the response Dchase.
I have given the resoures in the list itself.
Also make sure that the AD accountId is stuctured correctly. ie cn=accountId, ou=users, etc...
I didn't understand, where can I do this?
I specified the container as cn=users, dc=mydomain,dc=com.
Thanks
# 3
the fields in the active sync form
<Field name='waveset.accountId'>
<Comments> email. </Comments>
<Expansion>
<block name='checkTrace' trace='true'>
<ref>activeSync.accountId</ref>
</block>
</Expansion>
<Disable>
<neq>
<ref>feedOp</ref>
<s>create</s>
</neq>
</Disable>
</Field>
<Field name='global.firstname'>
<Comments> fullname. </Comments>
<Expansion>
<ref>activeSync.firstname</ref>
</Expansion>
<Disable>
<neq>
<ref>feedOp</ref>
<s>create</s>
</neq>
</Disable>
</Field>
<Field name='global.lastname'>
<Comments> firstname. </Comments>
<Expansion>
<ref>activeSync.lastname</ref>
</Expansion>
<Disable>
<neq>
<ref>feedOp</ref>
<s>create</s>
</neq>
</Disable>
</Field>
<Field name='waveset.password'>
<Comments>
Make up a password for accounts that are being created.
</Comments>
<Expansion>
<cond>
<notnull>
<ref>activeSync.password</ref>
</notnull>
<ref>activeSync.password</ref>
<s>change12345</s>
</cond>
</Expansion>
<Disable>
<neq>
<ref>feedOp</ref>
<s>create</s>
</neq>
</Disable>
</Field>
<Field name='waveset.resources'>
<Expansion>
<list>
<s>AD</s>
</list>
</Expansion>
<Disable>
<neq>
<ref>feedOp</ref>
<s>create</s>
</neq>
</Disable>
</Field>
<Field name='viewOptions.Process'>
<Expansion>
<s>Create User</s>
</Expansion>
</Field>
# 5
hello, I want to do the same but running Active Sync for an SQL resource, when running this active sync the accounts are created with several resources, I don't know why the Active Directory is not being assigned to the accounts; the AD. accounts already exist so they should be linked only.
Have you done this before?
what do I have to configure?
where I can read about constructing identity templates, or there is a guide for that?
thanks
# 7
the active sync doesn't use the identity template. So you must assign the AD accountid through a rule or the active sync form depending on how you are running the active sync.
if you're having issues, set the log level to 4 and check it after the sync. It should give you an idea of the problem.
