Hey all, I’m working through a use case at a client where they don’t want manager to be synced down into AD accounts for inactive users. I’ve looked at the few other threads about this topic but I’m seeing different behavior in my transform results than what others have seen. { "id": "e6346a99…

Active Directory manager sync - block for inactive users

Identity Security Cloud (ISC) ISC Discussion and Questions

WyssAJ01 (Adam Wyss) November 22, 2023, 3:16pm 5

Just to close the loop on this in case anyone else has this issue, is we used a static transform that brings in managerDn and cloudLifecycleState and uses the below velocity code.

"value": "#if($cloudLifecycleState != 'terminated')$managerDn#end"

Zoom doesn’t allow to update an attribute of a deactivated users so it leads to an Attribute Sync error

Topic		Replies	Views
Active Directory AD Sync issue while modification IIQ Discussion and Questions identityiq	8	540	March 24, 2024
Clear ‘Manager’ and ‘ManagerDN’ identity attributes for inactive users ISC Discussion and Questions	21	3200	July 19, 2023
Unable to send null value on manager attribute in AD via attributeSync ISC Discussion and Questions identity-security-cloud , provisioning	8	872	August 22, 2023
Update provisioning policy -how to apply retroactive ISC Discussion and Questions identity-security-cloud , provisioning	5	73	November 22, 2024
Search for Accounts with Inactive Manager ISC Discussion and Questions	5	971	July 19, 2023

Active Directory manager sync - block for inactive users

Related topics