Hello Experts,
need your help on this.
AD Links are getting deleted in IIQ by AD Account Aggregation task and links are getting created again after second AD Account Aggregation task. Can someone please help me in this case as we are not able to know the root cause of this issue. how can we prevent this in future.
For workaround, we have added 101 value for detect deleted accounts.
Thanks
Hi @niket345,
check if the identity attribute of ad account is changed
@enistri_devo Can you please confirm that what kind of Identity attribute?
that you have configured in the schema
@enistri_devo I am not sure how that identityAttribute is impacted also FYI, we noticed that we have changed some domain configuration and ran the AD account aggregation then links get deleted and if we do second time account aggregation, links get created correlated with the account.
can it will be the cause.
yes it will be the cause.
Usually in SP id distiguishedName the identity attribute of ad account. The identity attribute of account is the identifier of the account in SP and must be unique. So, if distiguishedName changes, for SP is a different account.
If in your domain you had change the DC or the OUs, this behavior is normal because those are in distiguishedName:
Hi @niket345 ,
Could you please share the screenshot of what attribute you have configured in Display Attribute?
Because an AD account will be created with the value of the attribute you mentioned in the Display Attribute. The identity attribute is used for picking up the unique value from the application and parsing it for aggregation and creation.
Once you find out how correlation is working, then you will get why it is getting deleted.
To get a more clear idea about Identity attribute and Display attribute, and how correlation works, I have created a nice document. Please go through it once.
This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.
