Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Celebration

Earn badges and make progress

You're on your way to the next level! Join the Kudos program to earn points and save your progress.

Deleted user Avatar
Deleted user

Level 1: Seed

25 / 150 points

Next: Root

Avatar

1 badge earned

Collect

Participate in fun challenges

Challenges come and go, but your rewards stay with you. Do more to earn more!

Challenges
Coins

Gift kudos to your peers

What goes around comes around! Share the love by gifting kudos to your peers.

Recognition
Ribbon

Rise up in the ranks

Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!

Leaderboard

Join now to unlock these features and more

Insight LDAP import not updating attributes

Edited
Karpov Ruslan
Karpov Ruslan Apr 27, 2020

Hi, Team!

For map our domain uers we use People-objects in the Insight structure. We set up LDAP import users from AD, defined attributes. Import new people is working correctly, but we have some problems with updating "manager" attribute. If we change user Manager in AD and run sincronization, it will pass without updating the attribute Manager. And if we delete Manager from object, new manager was updated...

Insight-attribute "Manager" was configured as Manager - Object - People - Reference

1.png

And in importing attributes manager = Manager and Object mapping = "DN = ${manager}"

2.png

If we change attribute "userAccountControl", Object updating work successfully. But it not work for Manager :(

Answer
Watch
Like Be the first to like this
956 views

3 answers

1 accepted

1 vote
Answer accepted
Ricky LaFleur
Ricky LaFleur Apr 27, 2020

Hm, looks like you are using value type for mapping.

It seems to me that on import userAccountControl column value from file goes to Insight Attribute UserAccountControl but for mapping you are using Value Type which is UAC. This is okay as you said.

1.PNG

But for data locator manager where you want to update data for insight attribute Manager, you use mapping DN, and this is another Insight Attrribute. Right?

2.PNG

 

 

If your goal is to update atribute Manager on object with values from column manager, I think you could try with Label = ${manager}

View More Comments
Karpov Ruslan
Karpov Ruslan Apr 27, 2020

This is a good idea, but we tried to substitute both SID and CN and others. And it does not work. It`s working only DN = ${manager}.

Now, I am change properties "Missing objects outbound references = Remove" and "Empty values = Remove" and all working!

Thank you, Ricky, for being with me in difficult times :)

Like Ricky LaFleur likes this
Reply
0 votes
Alexey Abramov
Alexey Abramov Oct 26, 2021 • edited

Hi. I'm trying to set up a similar ldap import, but I'm faced with the problem of filling in the Object mapping (IQL) field. When Data Locator and Insight Attribute are selected, it simply becomes unavailable for inputting values. How were you able to enter values in this field?

Безымянный.jpg

View More Comments
Ricky LaFleur
Ricky LaFleur Oct 26, 2021

ObejctMapping will not work with any attribute type. What is the attribute type for Manager on this specific ObjectType?

Like
Alexey Abramov
Alexey Abramov Oct 26, 2021

The problem is that you cannot specify for any attribute typeБезымянный.png

Like
Karpov Ruslan
Karpov Ruslan Nov 21, 2021

@Alexey AbramovHi! If you need AD import like my Manager or UAC attributes, this mapping need use only for Objects. Manager atribute referenced with himself ObjecType, and for UAC I create new ObjectType with UAC Id`s.

Like
Reply
0 votes
Ricky LaFleur
Ricky LaFleur Apr 27, 2020

I noticed that Match Identifier is set to Case Sensitive. Any chance your import values are case sensitive?

View More Comments
Karpov Ruslan
Karpov Ruslan Apr 27, 2020

We using AD SID as Identifier (like "S-1-5-21-1715567821-789336058-682003330-586352") and this identifier never changes after creating domain user.

And field Match Identifier contains only "Case Sensitive" value

Like
Reply

Suggest an answer

Log in or Sign up to answer
Product apps
Apps & Integrations
TAGS
AUG Leaders

Atlassian Community Events

See all events