How to synchronize user accounts that do not have an email address to the SecurID Access Cloud Authentication Service
Originally Published: 2022-05-04
Article Number
Applies To
RSA Product/Service Type: Cloud Authentication Service
Issue
Resolution
- Option 1: If users who are currently synced to the Cloud Authentication Service from the identity source have the SAME value for their mail and userPrincipalName attributes, then the mapping of Email Address in the identity source configuration in the Cloud Administration Console can be changed from mail to userPrincipalName. This change would make it so users that are already synced are not affected (assuming their userPrincipalName is the same as their mail) and also allow users who do not have mail defined to be synced based on their userPrincipalName.
- Option 2: If users who are currently synced to the Cloud Authentication Service from the identity source have a DIFFERENT value for their mail and userPrincipalName attributes, then an additional identity source can be added to the Cloud Authentication Service specifically for the users who do not have the mail attribute defined. In the new identity source's configuration, the Email Address field can be mapped to userPrincipalName.
Important: When adding and configuring the new identity source, it is importing to configure it so that users that are currently synced to any other identity source(s) configured with the Cloud Authentication Service will not end up being synced to this new identity source.
- Option 3: Define the mail attribute for the users in the identity source that do not currently have it defined but that need to be synced to the Cloud Authentication Service (the email addresses set in the mail attribute do not need to be "real" email addresses.)
Related Articles
RSA Cloud Authentication Service Identity Source Synchronization reports user accounts with Duplicate Email Address Number of Views Create list of users who have not logged into RSA Authentication Manager 8.x for a specific period of days Number of Views Authentication Manager 8.5 P5 connection to Cloud Authentication Service gets “permitted only authenticators you have purc… Number of Views Cloning AFX connectors creates duplicate connectors if connector names have been modified in RSA Identity Governance & Lif… Number of Views In RSA Identity Governance & Lifecycle While attempting to create/modify review definition, when we include users with Dat… Number of Views
Trending Articles
RSA Authentication Manager Upgrade Process RSA Release Notes for RSA Authentication Manager 8.8 RSA RADIUS Server service failed to start in the RSA Authentication Manager 8.1 Operations Console Microsoft Entra ID External MFA - Relying Party Configuration Using OIDC - RSA Ready Implementation Guide RSA Release Notes: Cloud Access Service and RSA Authenticators
Don't see what you're looking for?
