[midPoint] Sync AD with Midpoint for one time, not create
Dilek Gider
dilek.gider at basistek.com
Thu Aug 17 11:11:54 CEST 2017
Hi,
I have HR db resource to get users to midpoint, and then create accounts on
the AD, all of these operations are working fine now.
But I have a requirement that; all of users are also in AD now and they are
correct. Customer always used AD effectively by manual insert/update. Now
with midpoint project, we are doing automation the process from HR to AD.
But when project goes to production, only one time, we have to syncronize
midpoint users with AD users, not create. After one time operation, AD
account will be created automatically by midpoint, but for one time , at
the beginning of production, we won't create users on AD, only sync them
with midpoint users.
I tried to do this, but I think LDAP connector searches AD accounts by
"objectGUID". objectGUID on AD accounts didin't generated by midpoint, they
generated by manuel create. How can I map midpoint users (comes from HR)
and old AD accounts? There is unique value in each side that is identity
number but i can't sync them because of searching by objectGUID.
Thank you, I hope it is explanatory.
Dilek.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20170817/2bcd9378/attachment.htm>
More information about the midPoint
mailing list