none
AD MA Export: UserAccountcontrol value is not flowing in AD RRS feed

  • Question

  • Hi All,

    The value of userAccountControl in AD is not stamping to 512 in AD.

    AD connector space is showing the value 512, When I export the user in AD, the account get create in disabled sate.

    AD Connector Space

    AD Attribute Editor

    My understanding is the account should have create in AD in Enabled State, As in AD connector space the value is 512. Kindly advice

    Thanks and Regards,
    Anirban Singha(Bangalore)
    http://a-zenith.blogspot.in
    FIM 2010 Group(Bangalore India)

    Sunday, April 13, 2014 4:06 PM

Answers

  • Hi,

    Please find the list of required attributes you need to flow from FIM to AD to successfully provision the user into AD:

    DN, sAMAccountName, unicodepwd,userAccountControl, CN.

    Some not must but recommended attributes:

    givenName, sn, DisplayName,UPN,Email.

    Also, Your "unicodepwd" attribute which consists AD user's password should match the AD Password policies.



    Thanks~ Giriraj Singh Bhamu

    • Marked as answer by AnirbanSingha Wednesday, April 16, 2014 2:35 AM
    Monday, April 14, 2014 10:03 PM
  • Hi,

    A possible reason that the user is disabled in AD when created, is if the user is provisioned without password (unicodePwd)

    Patrick.


    Patrick Layani


    Sunday, April 13, 2014 5:52 PM

All replies

  • Hi,

    A possible reason that the user is disabled in AD when created, is if the user is provisioned without password (unicodePwd)

    Patrick.


    Patrick Layani


    Sunday, April 13, 2014 5:52 PM
  • Hi,

    A possible reason that the user is disabled in AD when created, is if the user is provisioned without password (unicodePwd)

    Patrick.


    Patrick Layani


    Agreed - try generate any password for provisioning as well

    If you found my post helpful, please give it a Helpful vote. If it answered your question, remember to mark it as an Answer.

    Sunday, April 13, 2014 7:17 PM
  • Hi,

    Please find the list of required attributes you need to flow from FIM to AD to successfully provision the user into AD:

    DN, sAMAccountName, unicodepwd,userAccountControl, CN.

    Some not must but recommended attributes:

    givenName, sn, DisplayName,UPN,Email.

    Also, Your "unicodepwd" attribute which consists AD user's password should match the AD Password policies.



    Thanks~ Giriraj Singh Bhamu

    • Marked as answer by AnirbanSingha Wednesday, April 16, 2014 2:35 AM
    Monday, April 14, 2014 10:03 PM