Advanced Server Access (ASA) does not preserve Unix-level properties (uid/gid/home directory) for existing Unix users whose username is in a dot-separated format (for example, firstname.lastname), even after the uid/gid attributes are updated in Okta/ASA.
- Advanced Server Access (ASA)
- Administration
- Service users
If a username in dot-separated format already exists on the Unix box, ASA creates an equivalent username in underscore-separated format with a new uid/gid. Updating the uid/gid in Okta/ASA to match the uid/gid on the Unix box does not propagate the change to the Unix box.
See a snippet of the error from the sftd.log file:
level=error msg="usermod (to change unix name) failed" args="--login jane_doe --home /home/jane_doe jane.doe" err="exit status 9" newUserName=jane_doe oldUserName=jane.doe output="usermod: user 'jane_doe' already exists\n"
level=error msg="osedit: goal failed" description="Changing local user 'jane.doe' based on user:'9eee50f5-2793-69b9-a63d-f6bdbdcc415d' to username: 'jane_doe' and gid: 1004" error="exit status 9" goal=user_change_unix_gid_and_name
NOTE: There are two ways to update the uid/gid/UnixUsername attributes:
- In Okta Admin Console, edit the attributes in Applications > ASA - Assignment > click the pencil icon for the user (Edit) and update the properties.
- In ASA > Projects > Project name > Users > click the gear icon to edit user attributes.
1. In Okta Admin Console, edit the attributes in Applications > ASA - Assignment > click the pencil icon for the user in question.
2. Update the UnixUsername as well as the unixUid and unixGid properties so that all three match the existing account on the Unix box.
Once these changes are made, ASA can manage the existing user account on the Unix box, preserving all of its properties, such as the uid/gid and home directory.
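As an added example (not Okta's or ASA's own code), a small Python check that parses sftd.log records of the kind shown above and a passwd-format excerpt, and reports which UnixUsername/unixUid/unixGid values to enter so that ASA adopts the pre-existing account instead of renaming it. The log records are the ones quoted in this article; the passwd lines, including the uid/gid values and the duplicate underscore account, are constructed samples.

```python
import re

# Constructed sample input: the two sftd.log records quoted in the article, one per line.
SFTD_LOG = [
    r'''level=error msg="usermod (to change unix name) failed" args="--login jane_doe --home /home/jane_doe jane.doe" err="exit status 9" newUserName=jane_doe oldUserName=jane.doe output="usermod: user 'jane_doe' already exists\n"''',
    r'''level=error msg="osedit: goal failed" description="Changing local user 'jane.doe' based on user:'9eee50f5-2793-69b9-a63d-f6bdbdcc415d' to username: 'jane_doe' and gid: 1004" error="exit status 9" goal=user_change_unix_gid_and_name''',
]
# Constructed passwd excerpt: the pre-existing dot-separated account plus the underscore duplicate ASA created.
PASSWD = ("jane.doe:x:1004:1004:Jane Doe:/home/jane.doe:/bin/bash\n"
          "jane_doe:x:1201:1201::/home/jane_doe:/bin/bash\n")

_FIELD = re.compile(r'(\w+)=("(?:[^"\\]|\\.)*"|\S*)')

def parse_logfmt(line):
    """Parse one key=value sftd.log record; quoted values may contain spaces and \\n escapes."""
    fields = {}
    for key, raw in _FIELD.findall(line):
        if raw.startswith('"'):  # strip quotes and undo backslash escapes
            raw = re.sub(r'\\(.)', lambda m: {'n': '\n', 't': '\t'}.get(m.group(1), m.group(1)), raw[1:-1])
        fields[key] = raw
    return fields

def parse_passwd(text):
    """Map username -> uid/gid/home from passwd-format lines (e.g. `getent passwd` output)."""
    users = {}
    for line in filter(None, text.splitlines()):
        name, _pw, uid, gid, _gecos, home, _shell = line.split(':')
        users[name] = {'uid': int(uid), 'gid': int(gid), 'home': home}
    return users

def diagnose(log_lines, passwd_text):
    """Correlate the failed rename with local accounts; return the UnixUsername/unixUid/unixGid
    values that let ASA adopt the existing account, or None if the pattern is not present."""
    records = [parse_logfmt(l) for l in log_lines]
    rename = next((r for r in records if 'oldUserName' in r and 'newUserName' in r), None)
    if rename is None:
        return None
    users = parse_passwd(passwd_text)
    existing = users.get(rename['oldUserName'])
    if existing is None:
        return None
    wanted = re.search(r'gid: (\d+)', ' '.join(r.get('description', '') for r in records))
    return {
        'UnixUsername': rename['oldUserName'],  # keep the dot-separated name so no rename is attempted
        'unixUid': existing['uid'],
        'unixGid': existing['gid'],
        'home': existing['home'],
        'duplicate_account': rename['newUserName'] if rename['newUserName'] in users else None,
        'asa_gid_matches': bool(wanted) and int(wanted.group(1)) == existing['gid'],
    }
```

On a real host, feed `diagnose()` the relevant sftd.log lines and the output of `getent passwd`; a non-None `duplicate_account` tells you the underscore account ASA created still exists and can be reviewed after the attributes are corrected.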
