Hello Experts,
We are working on a use case where, if a first or last name changes in the auth source, we need to make the corresponding change in AD. In short, we should update the AD attributes (name, displayName, UPN) if the name in the auth source changes. Additionally, we need to have a unique counter for the UPN.
Any suggestions would be highly appreciated.
Hi @aishwaryagoswami ,
You can update the first or last name changes directly via Attribute sync and other attributes (CN, displayName, and UPN) can be updated via Before Provisioning Rule or by update provisioning policy.
If you are going to use the update provisioning policy, for uniqueCounters you can use Create Unique LDAP Attribute rule for uniquecounter. I have gave you the example transform below.
{
"name": "userPrincipalName",
"transform": {
"type": "rule",
"attributes": {
"name": "Create Unique LDAP Attribute"
}
},
"attributes": {
"template": "$(displayName)$(uniqueCounter)",
"cloudMaxUniqueChecks": "50",
"cloudMaxSize": "20",
"cloudRequired": "true"
},
"isRequired": false,
"type": "string",
"isMultiValued": false
}
Thanks!!
My question to you is, how will you let the user know of their new details because if you are changing their UPN, you are also presumably changing their email address.
Phil
(we gave up trying to automate it for that exact reason, and left it as a manual process. You need to add an alias, and the schedule its removal a month later)
Thanks for the response Gokul, i have one question. How do we call the update provisioning policy? UPN is generated through a rule so we cant sync it.
I 100% agree, I will suggest the same to the team but just trying to cover my base.
This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.