What is the best way to update the sAMAccountName for a user? This could happen when they transfer and the formula changes but we want to keep the same account.
Hi @ethompson,
sAMAccountName is an attribute that can be changed easily in Active Directory. It is not part of the DN.
Beware that end-users must be notified for such change as without this information, they may not login.
In any case, you can keep in sync this attribute.
To do so, I would:
- Create an identity attribute
sAMAccountName - Compute the sAMAccountName with a transform to suit your business requirements
- Synchronize this identity attribute to AD attribute
Are there any issues if sAMAccountName is being used for correlation?
Hi @ethompson
Once correlated, you can change the sAMAccountName.
IDN is using the DN as the account ID. Changing the sAMAccountName does not change the DN, so you are good to go.
In any case, do not do this in production before testing this in your sandbox!