LDAP User sync issues

vartikagarg
Kilo Contributor

We have LDAP Integration for Users where we have put the coalesce on objectGUID as that's the only unique field.

So when any Employee leaves the organization, his AD account is deleted and the SN user account is inactivated.

But if the User is now rehired (a new account is created for the user in AD), SN creates a separate record, but when the rehired User is added to any group, sometimes the Inactive User record gets added to the Group instead of the active one because both records have the same source.

If we update the coalesce on UserID (samaccountname), then what if another user joins the organization and we give the userid which was earlier there for the User who left the company?

I am expecting we are not the first company to face such scenarios, so I wanted to know the best practice to make sure this LDAP works.

5 REPLIES

Hi Japsal,

Only objectGUID is the Coalesce field that we have defined in our LDAP configuration.

Regards,

Shoheb Shaikh