• Replies 3 replies
  • Subscribers 93 subscribers
  • Views 1036 views
  • Users 0 members are here
Options
Related

Synchronization - user status update with scoping

j basha
over 4 years ago

Dears,

Hope everything is great !!

One Identity Version: 8.0

Subject: Synchronization
Synchronization Type: Native Database Connector
Database Type: MS SQL

We have a database based connected system integrated with One Identity.
Connected system database has active and inactive users. The statistics of active and inactive count in the DB is as follows.

Active: 2975
Inactive: 12441

Initially the plan was to pull only Active users from the connected system which was achieved successfully by limiting the users through scoping as below.

EMP_TYPE='Partner' and EMP_STATUS_NAME='Active'

The goal was only to import active users and not to import inactive users into One Identity.
So the Workflow is designed in such a way that only Active users to be inserted. "Objects only found in the target system are --> Insert" with condition Other.Emp_Status_Name='Active'

Now we are facing an issue with the users(active) who is already imported in One Identity and the status is made Inactive in the connected system end.
Please suggest us how to achieve the status update to inactive in the direction of one Identity from connected system.

Kindly revert to me if any more information is required.

Regards,

Jilani Basha

  • over 4 years ago

    As you are using 8.0 I suggest marking the existing objects in OneIM as Outstanding. Then create a process triggered by the PostSync event of your synchronization that executes a script that loads all outstanding users, removes the outstanding flag and sets the status to inactive.

    The other option is to remove your scope to load all objects on the database side, create two schema objects classes of the target system side in the Sync Editor, one for the active ones and one for the inactive ones using filters in the class definition.

    You could then create to different workflow steps, one that is doing the insert only for the active users and one that is doing the status update for the inactive ones.

  • over 4 years ago in reply to Markus Weiss-Ehlers

    Dear Markus,

    Thanks a lot for your valuable time and response. Option 1 of marking the existing objects in OneIM as Outstanding sounds good approach for my requirement.

    I am exploring the flag for markedasoutstanding and i could not find an option or flag to identify the Outstanding object. Can you suggest is there any flag for outstanding similar to XMarkedforDeletion in Person object. Thank you so much

  • over 4 years ago in reply to j basha

    Outstanding is just a bit set in the property XMarkedForDeletion. The easiest way for you is to use the MarkAsOutstanding method in the workflow for Objects that only exist in the One Identity Manager during synchronizing in the direction of One Identity Manager.