Hi,
I want to know if there is a way to update Target system attributes directly (Ex: Active Directory) without updating Identity attributes.
Use case: We are trying to test the attribute sync and update AD from ISC and turn on the attribute sync and notice the functionality!
Let me know if there is a workflow or API to achieve this!
Thanks
Have you maybe tried simply to update some account attribute directly, run the aggregation for that afterwards, and then run the identity sync for that identity whose account you changed? That should “overwrite/sync“ data from Identity to that account.
Please note that attribute sync should be enabled for that identity attribute and account attribute for which you want to test the changes.
Through the SailPoint,
Another way is update through PS script AD commands, and the last and easiest way is to update it directly in AD if you have an access.
Hello,
Yes, its possible. One of the example that I can give it to you is “Name Change“ flows.
Lets say if you want to update UPN, SamAccountName,Email of the user in AD and if these attributes are not part of identity attribute list, then, you can still update these attributes in AD using Before Provisioning Cloud Rule but yes, the caveat here is that you need to enable attribute sync for either displayName or firstName or lastName attribute in AD to trigger the before provisioning rule. You need some kind of trigger point.
You can also use WORKFLOW.
Regards,
Rohit Wekhande.
This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.