UNIFYBroker/AD & dn field type
I have configured my UNIFYBroker/AD connector to use objectGUID as the key, so I can modify the "dn" attribute to move users between AD OUs. I configured my "dn" attribute as a "Distinguished Name (DN)" type in the AD connector and I generate an appropriate value for the field in a PowerShell Link Task. But when I attempt to sync to the AD adapter I see this error:
It looks to me like the UNIFYBroker/AD connector code needs me to configure the "dn" attribute as a String type. Is that correct? I'd prefer to have it configured as a Distinguished Name (DN), because that is what it is in AD and I want to use it elsewhere as a Distinguished Name (DN) data type (e.g. when I join to it for use on another user's "manager" attribute).
Answer
Hey Adrian,
Unfortunately that's correct - the AD connector expects the DN field to be a string value type.
This is because the underlying Microsoft library used for integration requires the DN to be a string value, so we enforce that value type further up the chain to ensure we don't cause any strange behaviour doing the conversion ourselves.
Is that true for "manager" as well? If manager and dn are different types, that means a PowerShell transformation will always be required after the join from a user to their manager's user object. It would be nice to have a cleaner approach than that.
Customer support service by UserEcho
Hey Adrian,
Unfortunately that's correct - the AD connector expects the DN field to be a string value type.
This is because the underlying Microsoft library used for integration requires the DN to be a string value, so we enforce that value type further up the chain to ensure we don't cause any strange behaviour doing the conversion ourselves.