Hey Salvatore,
If I understand this correctly, you want to:
- Create AD accounts via a lifecycle state (e.g., ‘onboarding’, ‘active’)
- The CN of the AD account to be set to the Display Name, not the Username
You have already completed:
- Mapped the CN attribute in the ‘Create Account’ provisioning policy to Display Name
However, the account is still being created with CN = username
Based on SailPoint’s documentation and other discussions on this forum, it looks like mapping the CN to displayName is possible but may require using special attributes like AC_NewName in the provisioning plan to override the default behavior.
Even if the CN is mapped in the Create Account policy, the connector might still default to using username unless explicitly instructed otherwise. It’s also worth checking if the identity has a valid displayName before provisioning and confirming that there are no conflicting mappings in the schema or connector config.
Please review the below documentation and discussion of the same question:
- Documentation: Default Provisioning Attribute Reference
- Discussion: Similar/Same Question asked
If you need further help, please provide a copy/paste of the create policy JSON and ensure that you have a valid display name coming in on the identity