Overview
inSync allows administrators to modify an existing LDAP mapping. Administrators can update the following fields in an LDAP mapping:
LDAP mapping name
Filter Users criteria
inSync uses the destination or location attributes defined in the Filter Users field to import and create inSync accounts of users in your organization. Administrators can add new LDAP attributes or remove the existing ones to update the criteria used for managing the accounts.
When an administrator adds or removes a LDAP attribute, inSync queries for the users that fall under the updated LDAP mapping and:
Imports new users and creates inSync accounts.
Identifies existing inSync user accounts that do not belong to any LDAP mapping and preserves it.
π Note
β
inSync automatically imports users, only if the Auto import new users setting is configured. For more information, see Auto-import users from your AD/LDAP.
inSync automatically synchronizes user accounts, only if the Auto preserve unmapped users setting is configured. For more information, see Synchronize inSync users with your AD/LDAP.
Administrators can specify multiple attributes to filter users and import them into inSync. Users are filtered based on the AND (&) and OR (|) condition specified while defining multiple attributes.
Any update to an existing AD/LDAP mapping is logged by inSync and displayed in the administrator audit trails. Audit trails is a feature that is part of the Governance offering. For more information, see View audit trail for administrators.
Procedure
To modify an LDAP mapping,
On the inSync Management Console menu bar, click Users > User Provisioning.
In the Mappings tab, click on the AD/LDAP Mapping Name that you want to modify.
In the Mapping Configuration area, click Edit.
If you want to update the AD/LDAP mapping name, type a new name as per your naming convention.
In the Filter Users area,
If you want to add a new location attribute, type the name of the new attribute, and click Verify. inSync validates the new attribute with your registered LDAP, and ais displayed if the attribute is valid.
βORIf you want to remove an existing attribute, select it and delete it.
Click Save.
Users are imported or preserved based on the update you have made to the AD/LDAP mapping.