Account name changes from Azure AD to Rainbow
Based on SR# 00737855 - What is Error Code 400984?
You replied:
After checking with the team in charge, it appears that we do not currently manage account name changes from LDAP to Rainbow. The customer's admin has to carry out a manual operation per user, the account has to be changed in ‘change user password’ (user security page). It should then re-synchronize correctly.
This PER is created to rethink this design and make it work without manual actions.
BR C
-
Hi Christian
To avoid avoid missunderstanding
Rainbow AD/LDAP connector is synchronizing from an AD/LDAP deployed in CPE,
If customer uses ADFS in Azure as recommanded by Microsoft, this is not the AD/LDAP connector which must be used.
User's names changes can be automatically synchronized, what cannot be changed automatically during life cycle of the user is his "Rainbow login email". A change on this "Rainbow login email" is seen as a potential source of security issues and currently can be managed only by admnistrator.
This kind of change is not very frequent and reject error is listed in the report of each synchronization.
We also support a service request if the change affects many users due to a domain name change at the compay level. -
The comment from customer side regarding your feedback was:
"We have a lot of name changes. I disagree that it is "not very frequent".
Of course it depends on the size of the customer.
But the bigger the customers the more subscriptions they pay so the more ALE should be interested to keep them happy or not? ;o)
I can understand them, that it is not really a helpful semi automated synchro if he has to do a check and modification manually after every sync.BR C
Please sign in to leave a comment.
Comments
2 comments