The imported gender values imported are in the form:

"MALE" and "FEMALE"

but on export there's a Maximum value validation process of one; as such only values of "M" and "F" work.

After adding additional items to to the Aurion query, the following error occurred during an import:

error -1: Query PERSON has not been validated process cancelled

This was fixed by "validating the join" before running the query. Confirm the correct language in the product before documenting the fix.

Update the UI to allow for multiple query ids.

We expected this but confirmed due to Aurion Corp's feedback:

• EmployeeID will not always be an option and we need to allow for an alternative field to contain the Aurion PersonNumber
• Regardless of where it comes from, the field may sometimes be empty or duplicated which means it's not appropriate for use in the DN

Not all that surprising, but feedback from Aurion Corp is that some of the terminology (mostly identity-related stuff) is difficult to understand. We've already been through a few revisions of it but we should find some time to do it again, maybe with a neutral 3rd party.

Identity Broker needs to keep a connection open to Aurion for an extended period of time and we can have problems with proxies and firewalls cutting the connection. Is there something we can give to the network guys at a customer to prove to them where the connection is being cut? I am thinking either a test they could do themselves that keeps the connection open for the right length of time and in the right way, or some kind of network diagnostic we could run from the IB server.

Here's an obscure one;

At Aurion Corp we terminated a user and placed them in to a container that wasn't managed by the AD connector. As such, when we re-hired them it couldn't find their first account and provisioned another with the same sAMAccountName.

They and I both understand that ALL users should be contained in the scope of the AD connector for this reason, but all the same I would have expected the export to fail with an "Object Already Exists" LDAP error... only it didn't. It created it in a "half finished" state, so when you clicked on the account tab it said it was corrupt or something and needed to be recreated.

Just wondering if we expected this - it's possibly that when we add userPrincipalName it will correctly pick up the duplication, not sure. Maybe we should look at picking up an error if we can get it throw one then retry with 2 or 3 revisions of the account name? Might be difficult.

I need to be able to test Codeless Framework configuration for enabling and disabling of user account in AD based on the Aurion termination status.

Would you be able to provide me details on how to terminate or deactivate and unterminate (re-active) a user in Aurion system v10.01.02.04.

I have tried reading the Aurion online help but failed achieve the above.

Thank you

Our hosted environment is being upgraded to 10.4 MR5, and we've been informed this includes changes to the WSDL URL and possibly the web service itself. Has Unify had any experience with this update in other Departments, and can you advise on what changes need to be made to the Identity Broker?

Currently the only specific detail I've been given is the new URL;
https://selfservice.aurion.com/waterwa/servlet/services/ev397_aurion_ws?wsdl (new)
https://aurionss.asp.aurion.com.au/waterwaprd/servlet/services/ev397_aurion_ws?wsdl (existing)

When I run a Synchronization Import on the Aurion Employee connector or Security User connector I get "Change detection engine poll for connector Aurion Employee Connector failed with reason The connector 6375bc27-6543-4a58-a5ea-9065380ba76a does not support polling"

When I run a full import all is working.