Home Forums Identity Governance Automatically changing created users login name format.

Viewing 1 post (of 1 total)
  • Author
    Posts
  • #2517
    Matthew Key
    Participant

    Hello, I have a few questions regarding username attributes (User Identities).

    I have a Test user with the first name “Test” and the last name “Tester”. In my Active Directory Domain Controller, my users have the logon attribute as their First initial followed by their last name… s0 the user “Test Tester” would have the SAMAccountName “TTester”

    Originally, when OpenIAM was syncing my users it would create two User Identities, “TTester” AD Powershell and Test.Tester” OPENIAM the AD Powershell attribute has the status “PENDING_UPDATE” while the OPENIAM has “SAVED” or “ENABLED”, which is what I’m assuming is causing some issues.
    User Identities

    I modified the GroovyScript for AD Transformations to change the OPENIAM User Identity to “TTester” because passwords from AD wouldn’t sync. Now they do but it’s still using the OPENIAM user identity as the main login.

    I’ve added the groovyscript as an attachment.

    Now they both are set to “TTester”. My question is how do I make it use the AD Powershell user identity?

    Changing the Content Provider‘s Authentication Provider to “Managed SYstem Auth Provider” doesn’t seem to have any effect. It’s still not using the AD Powershell User Identity for logins. It does, however, not allow me to log in with the “sysadmin”, so I know it’s changing something, at least.

    Managed System setup.
    2021-11-30_10-24-42

    Synchronization Setup
    2021-11-30_10-23-14

    Let me know what you think here.

    Thanks,

    Attachments:
    You must be logged in to view attached files.
Viewing 1 post (of 1 total)
  • You must be logged in to reply to this topic.