It is important to know that different attribute settings will work for NEW user objects. Or if you clean/recreate bindings to adhere to new attribute values.
I would suggest to use default "objectGUID" and test it with newly created AD user account.
As a quick check, use EEM and see user object properties. Go to bindings section and see what attributes and values are being currently used.Message was edited by: peter_eepc on 5/17/10 3:14:12 PM EDT
What stopped to communicate correctly? Connector? Send me connector log.
You want to rebind particular user? Send me current user binding info and your connector settings.
you need to use the linkuser.vbs script, or, delete the user and let the connector recreate them, or manually set the binding attribute in the user policy to match the one the connector is using. What you experience is expected because you changed the attributes, so now the binding information in EEM does not match the details the connector is expecting to see.
I think you should get professional help from your McAfee reseller to help you set this up properly.
There is no need to seek professional help from McAfee reseller if all experiments are conducted in test environment, isolated from production.
Any mistakes and corrective measures just enhance knowledge how this product functions. With diligent test work, one can achieve knowledge that is sufficient to deploy, support and maintain production systems. But it is a lot of work and therefore lots of time spent. In some cases engaging proffessional services might be more appropriate.
I figured that the binding went array, I only had 15 users which 4 are active users I deleted the 11 and recreated need to keep an eye on the 4
Thank you all so much..nothing better than inheriting a misconfigured live environment!!!!
Deleting user account makes it inconvenient to the physical user (you must reassing user account to his machine and reset password, boot once might be also needed, depending on timing). Rebinding existing user does not require physical user to do anything, because full credentials are preserved.