AD User Attribute value Changes Not Updating in IDN (Non-Authoritative Source)

Hello Community,

I have configured Active Directory (AD) as a Non-Authoritative Source in SailPoint IdentityNow (IDN). However, I am facing an issue where changes made to user attributes in AD are not reflected in IdentityNow account attributes after aggregation.

Current Setup:

  • AD Source Type: Non-Authoritative
  • Native Change Detection (NCD): Enabled for account updates
  • Aggregation: Running successfully but not updating changed attributes

Issue:

When I change an account attribute (e.g., Title or Department) directly in Active Directory, it does not get updated in the IDN account attributes after aggregation.

  1. Is your update operation successful? If yes, then how are you confirming? Checking in AD?
  2. If the operation went successfully and the attributes are updated in AD, check your account schema to see whether those attributes are included or not.

Thanks for your response.

  • I updated the Description attribute for a user in Active Directory.
  • After that, I ran an Aggregation in IdentityNow.
  • However, when I checked the account attributes in IDN, the updated Description value was not reflected.
  • I verified that Description is included in the Account Schema for the AD source.

Would there be any additional configurations or troubleshooting steps I should check to ensure attribute updates sync properly in IDN?

Looking forward to your suggestions.


Check the request in the Identity events, or check the request on the search page, to find more insights.

Potentially, if you are running multiple DCs, the one you made the change on in AD might be different from the one that ISC reads from.
Therefore it may take some time to replicate across the network. Try running the aggregation again about an hour after the change has been made and see if ISC then picks it up.

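The replication point in the last reply can be checked directly before re-running the aggregation. The PowerShell below is an added example, not part of the original thread: it reads one attribute and its replication metadata from every domain controller, so you can see whether the DC the source reads from already holds the new value. It assumes the RSAT ActiveDirectory module is installed; the account name `jdoe` and the attribute `description` are placeholders.

```powershell
#Requires -Modules ActiveDirectory
# Added example: compare one attribute of one account across all DCs.
# Placeholder values (assumptions, not from the thread); replace with your own.
$SamAccountName = 'jdoe'
$Attribute      = 'description'

$rows = foreach ($dc in Get-ADDomainController -Filter *) {
    try {
        # Read the attribute as this specific DC currently sees it.
        $user = Get-ADUser -Identity $SamAccountName -Server $dc.HostName `
                    -Properties $Attribute -ErrorAction Stop
        # Per-attribute replication metadata: version and originating write.
        $meta = Get-ADReplicationAttributeMetadata -Object $user.DistinguishedName `
                    -Server $dc.HostName -Properties $Attribute -ErrorAction Stop
        [pscustomobject]@{
            DC                = $dc.HostName
            Value             = ($user.$Attribute -join '; ')
            Version           = $meta.Version
            LastOriginatingAt = $meta.LastOriginatingChangeTime
            OriginatingDC     = $meta.LastOriginatingChangeDirectoryServerIdentity
        }
    }
    catch {
        # An unreachable DC or a missing object is reported, not silently skipped.
        [pscustomobject]@{
            DC                = $dc.HostName
            Value             = "<error: $($_.Exception.Message)>"
            Version           = $null
            LastOriginatingAt = $null
            OriginatingDC     = $null
        }
    }
}

$rows | Sort-Object DC | Format-Table -AutoSize

# More than one distinct value or version means replication has not converged.
$distinct = @($rows | Group-Object Value, Version)
if ($distinct.Count -gt 1) {
    Write-Warning "Attribute '$Attribute' differs between DCs; aggregation may read a stale copy."
} else {
    Write-Output "All DCs agree on '$Attribute'; look at the source schema and aggregation settings instead."
}
```

If every DC shows the same value and version, replication lag is ruled out and the cause lies on the aggregation side.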
