hi,
The note is applicable for EP7.0 also.
On applying the note you can over the mismatch happenning with respect to LDAP changes.
The reason for such occurrence was that, the UME (User Management Engine) assigns unique IDs to the LDAP users. By Default the unique ID contains the distinguished name of the user.
If the user is moved to a different location in the LDAP Directory, its distinguished name changes.
For example the unique ID of a user is
USER.CORP_LDAP.cn=testuser, ou=people, o=mycompany
If this user is changed to a different location for which ou=admins then the unique ID of the user is changed to
USER.CORP_LDAP.cn=testuser, ou=admins, o=mycompany
In this case the UME can no longer find any data associated with the user under the old unique ID and the data (role assignment or user mappings) stored in database for such users gets lost. So in this regard we have changed the configuration of the UME so that it no longer uses the distinguished name in the unique ID, instead we use a unique attribute (MindTree mindu2019s ID) that is never changed in the LDAP directory.
once you set the parameter with samaccountname then the behaviour of getting the user roles/worksets misplaced will go off, and changes in LDAP will not reflect your portal TLN.
regards,
Kris
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.