nbzn4 (nbzn4) asked a question.
Okta to AD provisioning
Hi,
We are using SuccessFactors as profile master and we are syncing attributes from SF to Okta and then to Active Directory. When we are trying to map unicodePWD AD attribute from Okta to AD, the provisioning fails with constraint error and as per ldapwiki AD will accept the value in UTF-16 format. How to convert the string expression into UTF-16 format. And we are trying to map managerdn(Manager Account OU) from Okta to AD for new users created in SF. Does Okta support to auto generate ManagerDn for new users?
AFAIK, There is no out of the box -method which supports UTF16 (Unicode strings) in OKTA.
Secondly, for Manager DN, you can try following expression.
This will Check if user has an Active Directory assignment, and if so, return their Active Directory manager UPN.
Hi Sandeep,
Thanks for the reply. So doesn't this mean the user should be already available in AD and using the above expression I am fetching the data from AD and updating user profile through Okta. I don't think this will work for new user created by import from SuccessFactors and created in AD through Okta to AD provisioning.
I am interested in the DN part too. If the user is being created in Successfactors, it cannot know the DN of the manager, unless there is a way to adapt this function
(getManagerAppUser(managerSource, attributeSource).$attribute) to the scope