Hello everyone, I am creating accounts in the source AD, but I don’t understand about the attribute Manager → Type Generator → Option (Get LDAP DN from Manager).
Can someone explain the field?
I don’t understand.
I believe this field is about the identity manager.
And in AD, this field is empty.
The “Get LDAP DN from Manager” option in the provisioning policy tells SailPoint to resolve the manager’s distinguished name (DN) from the Identity’s manager attribute. This is required because Active Directory expects the manager attribute to be in LDAP DN format (e.g., CN=John Doe,OU=Users,DC=example,DC=com). If the identity’s manager does not exist in AD or is not correlated, this field will be blank and may cause provisioning errors. Make sure the manager identity is linked to an AD account so SailPoint can retrieve the correct DN. If not available, you may need to use a fallback or transform to handle the missing value.
Thanks
Manvitha
Hi @guilherme_sec,
Go through the below link and update the configuration as mentioned. Once done you should see the maanger flow from IdentityNow → Active Directory.
