000018768 - sdaceldap does not update users if the extension fields change

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000018768
Applies ToRSA ACE/Server 5.0 (no longer supported as of 8-15-2004)
Lightweight Directory Access Protocol (LDAP)
New sdaceldap that updates extension fields
Issuesdaceldap does not update users if the extension fields change
Causesdaceldap was designed to synchronize users First Name, Last Name and Default Login fields with an LDAP directory and does not update users if those fields do not change.
ResolutionThe new sdaceldap compare option will update modified user extension fields.

When sdadmin processes a "compare" csv file, the users are viewed as candidates for deletion.  That is why a compare operation cannot be used to update user extension fields.

As a result, it was necessary to create two output files during a compare operation.  The one which receives the delete candidates says COMPARE in the header; and its name is what was specified in the command line. In addition, a file is created with IMPORT in the header which contains those users for whom extension records were modified.  This additional file is "imp" prefacing whatever the other file was named, for example if the output file is specified as ldapusers.csv the additional file will be called impldapusers.csv.

When you use the compare produced "imp" file as an LDAP input file, the user(s) will all be collisions with existing users, therefore you will want to select the option "Overwrite all conflicts updating existing users" before processing the users.

You can request the new sdaceldap utility as a hotfix from Customer Support.
Legacy Article IDa3384