Hello All,
We are facing strange behavior while creating AD accounts.
The connector was working properly and was creating the AD accounts with the correct mapped attributes, suddenly yesterday we found that the user is created in the correct OU but with empty values.
We changed the create account policy to use static values but also it did not reflect on AD accounts.
Below is the provisioning policy for reference.
{
“name”: “Account”,
“description”: null,
“usageType”: “CREATE”,
“fields”: [
{
“name”: “ObjectType”,
“transform”: {
“type”: “static”,
“attributes”: {
“value”: “User”
}
},
“attributes”: {
“cloudRequired”: “true”
},
“isRequired”: false,
“type”: “string”,
“isMultiValued”: false
},
{
“name”: “sAMAccountName”,
“transform”: {
“type”: “rule”,
“attributes”: {
“name”: “Create Unique LDAP Attribute”
}
},
“attributes”: {
“template”: “$(firstname).$(lastname)”,
“cloudMaxUniqueChecks”: “50”,
“cloudMaxSize”: “20”,
“cloudRequired”: “true”
},
“isRequired”: false,
“type”: “string”,
“isMultiValued”: false
},
{
“name”: “displayName”,
“transform”: {
“type”: “identityAttribute”,
“attributes”: {
“name”: “displayName”
}
},
“attributes”: {},
“isRequired”: false,
“type”: “string”,
“isMultiValued”: false
},
{
“name”: “manager”,
“transform”: {
“type”: “identityAttribute”,
“attributes”: {
“name”: “managerId”
}
},
“attributes”: {
“cloudRequired”: “true”
},
“isRequired”: false,
“type”: “string”,
“isMultiValued”: false
},
{
“name”: “mail”,
“transform”: {
“type”: “rule”,
“attributes”: {
“name”: “Create Unique LDAP Attribute”
}
},
“attributes”: {
“template”: “$(firstname).$(lastname)@domain”
},
“isRequired”: false,
“type”: “string”,
“isMultiValued”: false
},
{
“name”: “userPrincipalName”,
“transform”: {
“type”: “rule”,
“attributes”: {
“name”: “Create Unique LDAP Attribute”
}
},
“attributes”: {
“template”: “$(firstname).$(lastname)@domain”
},
“isRequired”: false,
“type”: “string”,
“isMultiValued”: false
},
{
“name”: “password”,
“transform”: {
“type”: “rule”,
“attributes”: {
“name”: “Create Password”
}
},
“attributes”: {
“cloudRequired”: “true”
},
“isRequired”: false,
“type”: “secret”,
“isMultiValued”: false
},
{
“name”: “givenName”,
“transform”: {
“type”: “identityAttribute”,
“attributes”: {
“name”: “firstname”
}
},
“attributes”: {},
“isRequired”: false,
“type”: “string”,
“isMultiValued”: false
},
{
“name”: “sn”,
“transform”: {
“type”: “identityAttribute”,
“attributes”: {
“name”: “lastname”
}
},
“attributes”: {},
“isRequired”: false,
“type”: “string”,
“isMultiValued”: false
},
{
“name”: “IIQDisabled”,
“transform”: {
“type”: “static”,
“attributes”: {
“value”: “false”
}
},
“attributes”: {},
“isRequired”: false,
“type”: “boolean”,
“isMultiValued”: false
},
{
“name”: “description”,
“transform”: {
“type”: “identityAttribute”,
“attributes”: {
“name”: “jobTitle”
}
},
“attributes”: {},
“isRequired”: false,
“type”: “string”,
“isMultiValued”: false
},
{
“name”: “extensionAttribute7”,
“transform”: {
“type”: “identityAttribute”,
“attributes”: {
“name”: “uid”
}
},
“attributes”: {},
“isRequired”: false,
“type”: “string”,
“isMultiValued”: false
},
{
“name”: “telephoneNumber”,
“transform”: {
“type”: “identityAttribute”,
“attributes”: {
“name”: “phoneNumber”
}
},
“attributes”: {},
“isRequired”: false,
“type”: “string”,
“isMultiValued”: false
},
{
“name”: “distinguishedName”,
“transform”: {
“type”: “rule”,
“attributes”: {
“name”: “Create Unique Account ID”
}
},
“attributes”: {
“template”: “CN=$(firstname).$(lastname),$(activeParentOu)”,
“cloudMaxUniqueChecks”: “50”,
“cloudRequired”: “true”
},
“isRequired”: false,
“type”: “string”,
“isMultiValued”: false
},
{
“name”: “pwdLastSet”,
“transform”: null,
“attributes”: {},
“isRequired”: false,
“type”: “boolean”,
“isMultiValued”: false
},
{
“name”: “primaryGroupDN”,
“transform”: null,
“attributes”: {},
“isRequired”: false,
“type”: “string”,
“isMultiValued”: false
},
{
“name”: “msNPAllowDialin”,
“transform”: null,
“attributes”: {},
“isRequired”: false,
“type”: “string”,
“isMultiValued”: false
},
{
“name”: “homeMDB”,
“transform”: null,
“attributes”: {},
“isRequired”: false,
“type”: “string”,
“isMultiValued”: false
},
{
“name”: “mailNickname”,
“transform”: null,
“attributes”: {},
“isRequired”: false,
“type”: “string”,
“isMultiValued”: false
},
{
“name”: “shadowAccountDN”,
“transform”: null,
“attributes”: {},
“isRequired”: false,
“type”: “string”,
“isMultiValued”: false
},
{
“name”: “msExchHideFromAddressLists”,
“transform”: null,
“attributes”: {},
“isRequired”: false,
“type”: “boolean”,
“isMultiValued”: false
},
{
“name”: “SipAddress”,
“transform”: null,
“attributes”: {},
“isRequired”: false,
“type”: “string”,
“isMultiValued”: false
},
{
“name”: “SipDomain”,
“transform”: null,
“attributes”: {},
“isRequired”: false,
“type”: “string”,
“isMultiValued”: false
},
{
“name”: “SipAddressType”,
“transform”: null,
“attributes”: {},
“isRequired”: false,
“type”: “string”,
“isMultiValued”: false
},
{
“name”: “msNPCallingStationID”,
“transform”: null,
“attributes”: {},
“isRequired”: false,
“type”: “string”,
“isMultiValued”: true
},
{
“name”: “msRADIUSCallbackNumber”,
“transform”: null,
“attributes”: {},
“isRequired”: false,
“type”: “string”,
“isMultiValued”: false
},
{
“name”: “msRADIUSFramedRoute”,
“transform”: null,
“attributes”: {},
“isRequired”: false,
“type”: “string”,
“isMultiValued”: true
},
{
“name”: “msRADIUSFramedIPAddress”,
“transform”: null,
“attributes”: {},
“isRequired”: false,
“type”: “string”,
“isMultiValued”: false
},
{
“name”: “RegistrarPool”,
“transform”: null,
“attributes”: {},
“isRequired”: false,
“type”: “string”,
“isMultiValued”: false
},
{
“name”: “dNSHostName”,
“transform”: null,
“attributes”: {},
“isRequired”: false,
“type”: “string”,
“isMultiValued”: false
},
{
“name”: “msDS-SupportedEncryptionTypes”,
“transform”: null,
“attributes”: {},
“isRequired”: false,
“type”: “string”,
“isMultiValued”: true
},
{
“name”: “msDS-ManagedPasswordInterval”,
“transform”: null,
“attributes”: {},
“isRequired”: false,
“type”: “string”,
“isMultiValued”: false
},
{
“name”: “msDS-GroupMSAMembership”,
“transform”: null,
“attributes”: {},
“isRequired”: false,
“type”: “string”,
“isMultiValued”: true
},
{
“name”: “msDS-AllowedToActOnBehalfOfOtherIdentity”,
“transform”: null,
“attributes”: {},
“isRequired”: false,
“type”: “string”,
“isMultiValued”: true
},
{
“name”: “servicePrincipalName”,
“transform”: null,
“attributes”: {},
“isRequired”: false,
“type”: “string”,
“isMultiValued”: true
},
{
“name”: “externalEmailAddress”,
“transform”: null,
“attributes”: {},
“isRequired”: false,
“type”: “string”,
“isMultiValued”: false
}
]
}