Bugs
Active Directory connector doesn't support AD move operation (dn change) even though UNIFYAssure-Aurion-Sample uses it
UNIFYAssure-Aurion-Sample attempts to move AD user object by modifying the 'dn' attribute on the AD connector, but when it tries to do so this error appears in the log:
Here's the error I see in the UI:
Here's the PowerShell code from UNIFYAssure-Aurion-Sample:
Here are the Adapter config excerpts:
Answer
The key is 'cn', and I'm not changing the cn (or the first element of the dn, which is the same thing although I'm not sure which has precedence).
This is the UNIFYAssure-Aurion-Sample base configuration, and I didn't add this functionality, so I think probably Matt (technical owner of UNIFYAssure) probably needs to make a decision on this one.
I'm just trying to use it in the basic form and configure it for the customer. If changing DN isn't going to be an offered feature of UNIFYAssure then I can advise them that this is the case and it should probably be removed from the sample UNIFYAssure configuration.
It might be that this wasn't a use case for the sample configuration. The DN can be changed during the update operation by instead using objectGUID as the key.
The supplied PowerShell code that is part of the UNIFYAssure-Aurion-Sample distribution provides an implementation of DN change, and it's exactly as included in the description of this ticket (I just changed the OU location to suit my installation). If DN move is not supported by UNIFYAssure then that section of the PowerShell should be removed.
Hey Adrian,
Can you try modifying the connector schema to have the field objectGUID as the key, and see whether the DN modification works then? You'll need to make the schema change, then clear the connector and adapter and do a full import from AD, and then re-run the link export.
Customer support service by UserEcho
It might be that this wasn't a use case for the sample configuration. The DN can be changed during the update operation by instead using
objectGUIDas the key.