Identity Attribute in DN for Open LDAP connector

Hi All,

Is it possible to use Identity Attribute for DN in create profile for LDAP connector?

I want to move the OU from Active to Terminated, but LDAP doesn’t support Update policies, so I am trying via attribute sync. Is it possible to use an identity attribute? Can we use attribute sync for the DN? I have the before provisioning rule as a last choice.

I have tried the identity attribute in the DN, but it shows an Invalid path error. Below is the transform I have used for the identity attribute. Is it correct, or am I missing something?

Any idea how to achieve this? Thanks in advance.

Thanks,
Shantha Kumar

Dear Kumar,

You can use a disable provisioning policy. Have you tried it?

Best Regards,
Siva.K

@Sivakrishna1993 OpenLDAP only supports the create policy, so other than that it does not support any other provisioning policies.

Dear Kumar,

While you are creating the account in LDAP from SailPoint, how are you passing the dn value in the provisioning policy?
Are you using Generator/Identity attribute?

Best Regards,
Siva.K

During creation I have used a generator, but I am trying to update the dn value through attribute sync, so I am trying to use the identity attribute (Directory OU) for the DN in the Create profile.

Hi

Thank you for the update.

Better to write a before provisioning rule.

And regarding the disable provisioning policy, I did not find any information on whether it is supported or not, but I suggest you try the disable provisioning policy.

Can you share the doc where it says it is not supported?

Thanks,
Siva.K

@Sivakrishna1993 I have tried the update, enable and disable policies to test whether these functions are allowed for OpenLDAP, but it is not allowing them during the modify operation in IDN.
Also, in the connector guide they haven’t mentioned which provisioning operations it supports; they have mentioned it like *provisioning accounts :man_shrugging:

Supported Features

But if you see the LDAP connector guide, they have mentioned it like this:

Supported Features
