Manager Correlation

dpowers1 · April 2, 2026, 4:40pm

I am trying to correlate the managers in our Non-employee source, the manager in that source is set to a internal representative as their email address. For example the manager for a non-employee may be jdoe@arh.org, I want to bring in the Manager DN and Name on the Identity profile. I am struggling on how to accomplish that as I need the Manager DN to populate the Manager attribute in AD

SanjeevIAM · April 2, 2026, 5:01pm

Do you already have manager correlated on identity. If Yes then you can use get reference identity attribute transform to populate manager attribute on identity.
You can have an attribute addn that is mapped to Active Directory DN attribute to populate the DN for each identity and refer this attribute in transform with “uid”: “manager” to pull manager DN on identity.

    {
        "name": "Get Manager DN",
        "type": "rule",
        "attributes": {
            "attributeName": "addn",
            "name": "Cloud Services Deployment Utility",
            "operation": "getReferenceIdentityAttribute",
            "uid": "manager"
        }
    }

dpowers1 · April 2, 2026, 6:01pm

We have one correlated on our employees, but how would I get the info on our Non-employee source where in that system we have it as the managers email address. In our employee source it looks at the employee number in the manager field coming from that source.

bcariaga · April 2, 2026, 6:04pm

Have you properly defined the manager correlation on the non-employees authoritative source?

Once this configuration has been established and working correctly, you can use the transform referenced by @SanjeevIAM’s post.

dpowers1 · April 2, 2026, 6:17pm

Braden

I have tried setting that up but I am at a loss on the Identity Attribute to use as for our Employee side we use the employee number and in the non-employee source the manager is set to the managers email address

bcariaga · April 2, 2026, 6:40pm

Are you able to use the “Work Email” identity attribute with the “managerEmail” account attribute?

The identity attribute in the correlation is the attribute set on the Manager Identity.

SanjeevIAM · April 2, 2026, 6:50pm

Map Work Email (email) attribute on identity to managers email address attribute on the Non Employee source as shown below.
Assuming you have already mapped the Work Email (email) attribute on your employee source Identity Profile and populating it for all employees.

dpowers1 · April 2, 2026, 7:47pm

I have set it to this, but it is still not pulling in the managers name or dnmanager

{

"id": "8d3424a9-f925-4e3f-b6dc-fe4ff8c2ea2c",

"name": "Get_Manager_DN",

"type": "rule",

"attributes": {

    "name": "Cloud Services Deployment Utility",

    "requiresPeriodicRefresh": true,

    "operation": "getReferenceIdentityAttribute",

    "uid": "manager",

    "attributeName": "dnuser"

},

"internal": false

}

SanjeevIAM · April 2, 2026, 7:54pm

Before you can populate managerDN the manager correlation should work. Do you see manager attribute populated for non employees using the manager correlation. I see you have configured the correlation correctly.
Was manager correlation updated after you ran the aggregation initially. If yes then you may try to run deoptimized aggregation.

j_place · April 2, 2026, 8:17pm

Hi @dpowers1 Get the manager correlation to work on the identity, than worry about the manager DN when you come to the AD account connector.

dpowers1 · April 2, 2026, 8:45pm

Here is what I see. Manager is not populating

BBR1 · April 3, 2026, 1:41am

Do you have the corresponding Manager record in your HR feed file.

I encountered a similar issue when the manager account was missing in the HR data and so the value was not populating near manager attribute

.

j_place · April 3, 2026, 8:21am

Hi @dpowers1 I take it you also have Manager Name (manager) on the identity profile for non employees?

iamkiran · April 5, 2026, 4:48am

If the manager value in the non-employee source is an email address, then the correlation will only work if that email can be matched to an existing identity attribute on the manager’s identity and that manager identity already exists in ISC.

So I’d verify these in order:

The internal employee identities already have email / work email populated exactly as expected
The non-employee source manager field has the same normalized value (no case/spacing issues)
The manager record is already aggregated and correlated before the non-employee correlation runs
After changing manager correlation, run a full/deoptimized aggregation so ISC reevaluates the references

Also, if manager itself is still blank on the identity, the getReferenceIdentityAttribute transform for manager DN will not return anything yet — that transform depends on the manager reference being resolved first.

So I’d first focus on proving the manager identity link works, and only after that use the transform to pull attributes like DN or display name.

dpowers1 · April 6, 2026, 4:38pm

Thanks everyone for the assistance. It is working now, I just didn’t run the unoptimized aggregation on the source.

Topic		Replies	Views
Manager Correlation ISC Discussion and Questions identity-security-cloud , provisioning	2	910	January 3, 2024
Manager Correlation from Non - Authoritative Sources ISC Discussion and Questions identity-security-cloud	6	631	February 23, 2024
Transform to find Source Manager ISC Discussion and Questions transforms , identity-security-cloud , correlation	4	116	September 15, 2025
Manager Correlation - populate manager email ISC Discussion and Questions	1	1154	May 13, 2022
Manager Correlation from two different Sources ISC Discussion and Questions	14	3088	February 22, 2023

Manager Correlation

Related topics