Skip to main content
Update AD/LDAP GUID of a preserved inSync user
Updated over a month ago

Overview

There could be events when the inSync user is active within the organization, however, the user is automatically Preserved in inSync. This occurs when there is a change in the user's AD/LDAP GUID or a change in the AD or LDAP server. As a part of the user validation process, inSync uses the GUID attribute of an Active Directory user. In such scenarios, if the GUID of the logged-in user fails to match with that of the mapped user, the inSync user is moved to the preserved state, and inSync backups are disabled for such users.

This article provides the instructions to manually update users' AD/LDAP GUID to resume inSync backups when the active users get preserved in inSync due to change in GUID.


โ— Important

  • AD/LDAP GUID can be updated only for the inSync users who are provisioned in inSync through AD/LDAP mapping.

  • AD/LDAP GUID cannot be updated for the inSync users who are provisioned in inSync manually or through SCIM.


Before you begin

Before you initiate the AD/LDAP GUID update for a user or a set of users from the Endpoints Console, ensure the following:

  • The user import method in the inSync Management Console is set to AD/LDAP.

  • All the AD/LDAP Connectors are in the configured and connected state.

If the user import method is set to SCIM and you want to change the user import method to AD/LDAP, refer Change user provisioning from SCIM to AD/LDAP.

If you have not registered your AD/LDAP with inSync, refer Register your AD/LDAP.

Procedure

  1. On the EndpointsConsole, go to k Users. The Users page appears.

  2. Use the checkboxes to select the preserved users for whom you intend to update the AD/LDAP GUID.

  3. Click Options located at the top of the table, and then select Update AD/LDAP GUID.

update_adldap_new.jpg
  1. A request to update the AD/LDAP GUID for the selected users is created.

Upon successfully updating the users' AD/LDAP GUID, inSync resumes the scheduled backups.


๐Ÿ“ Note:

  • If you have added users to inSync manually or through API, these users will automatically sync with your Active Directory/LDAP environment if the user email ID exists in your AD/LDAP directory and matches any existing AD/LDAP mapping rules.

  • The user name and the GUID value are updated automatically according to the AD/LDAP directory.


Did this answer your question?