Personal!
I am having trouble integrating service accounts into IndentityNow, I opted to create an AD Active Directory profile and provide it with an identity profile, which in turn creates an identity based on the data provided by AD, so when I don’t recommend providing the manager, I have configured the DN Manager attribute that comes from the AD with the DN identity user, but IdentityNow does not correlate with the manager, is there anything I can do?
Hi Luciam,
Welcome! Can you share manager correlation logic that exists on the AD source/connector that creates the AD account?
Thanks,
Shailee
Hi @Luciam445
Welcome to SailPoint community.
As mentioned by Shailee, can you please share the manager correlation logic.
Also, can you please confirm if the manager of the identity do exist in ISC, if so may be you can share the screenshot of the AD DN value of the manager (of course by hiding sensitive information )?
Thank You.
Regards
Vikas
Hey @Luciam445,
So i feel if the manager is not being correlated, the reason could be correlation logic as mentioned by folks above.
So from AD, the manager will be coming as something like this:
CN=1234,OU=Accounts,OU=Active,DC=SAILPOINT,DC=COM
Whereas on AD application UI if you see the manager attribute will show you as: 1234
Hence, in order to achieve the correlation, you will have to Add manager correlation as: ISC vs AD attribute
Distinguished Name (ISC attribute) → Manager (Attribute of Active Directory)
P.S. If distinguishedName, attribute is not searchable you will have to make that searchable first so that you can see it in the drop down menu of Manager Correlation.
Reference document to create searchable attribute: Search Attribute Configuration | SailPoint Developer Community
Hope this helps…
2 Likes
This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.