I have a bit of a hump that I have been trying to get over but I need a little help. I want to map the givenName in AD to the preferred name from Workday. I see the attribute being updated in IDN but when I look in the logs I am seeing this error: the directory service cannot perform the requested operation on the rdn attribute of an object
My concern - when I deploy this to PROD - that it will overwrite the preferred names already in place.
I think I just figured out my own question. We are using First Name and Last Name in the distinguishedname - which in turn is our AccountID. Changing this - after account creation - appears to be creating the error.
the distinguish name cannot be changed in ISC normal updates .
For that operation you need to rename the object on the AD using powershell.
My advice would be to make the AD team change the “display name” lookoiut to another field as the distinguisheName require alot of work to be updated.