DN generation in SailPoint Identity Now

Hi,

I am looking for support in finding the DN generation rule/transform used in the client Prod environment. I do not see any mapping or transforms in the environment for DN, but the DN generation works fine. The username generator rule that I see has only UserID and Email generation code. If the DN generation is a different rule, I should see some references about it somewhere. The only reference I could find is for the OU to place used object in one of the rules. But the “CN = FN LN” format should be defined somewhere for it to place the user in the OU. Is there any other place which I am missing to check?

I am working on a display name customization and want to ensure that there is no impact to the DN generation flow.

Thanks,
Smera Rajendran

@Smera_Ausnet -

There are multiple ways to check -

1. Go to Sources–> Your AD Application → Create Account and check for Distinguish Name.

image2073×1200 152 KB

2 . Use Sailpoint REST API to see the CREATE Provisioning POLICY form for Active Directory. You can use the below API -

Let me know if it helps.

Thank you!

Hi Amit,

Thank you. It helped. The configuration was inside the provisioning policy.

Thanks,
Smera Rajendran

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.