1 2 Previous Next 17 Replies Latest reply on May 18, 2010 9:03 AM by peter_eepc Go to original post
      • 10. Re: Active directory name change

        I think your problems are totally different to what you think ;-) Good luck though!

        • 11. Re: Active directory name change

          It is important to know that different attribute settings will work for NEW user objects. Or if you clean/recreate bindings to adhere to new attribute values.

          I would suggest to use default "objectGUID" and test it with newly created AD user account.


          As a quick check, use EEM and see user object properties. Go to bindings section and see what attributes and values are being currently used.



          Message was edited by: peter_eepc on 5/17/10 3:14:12 PM EDT
          1 of 1 people found this helpful
          • 12. Re: Active directory name change

            Now I need help. seem that it stopped communicaticating correctly..how to I rebind????

            • 13. Re: Active directory name change

              What stopped to communicate correctly? Connector? Send me connector log.


              You want to rebind particular user? Send me current user binding info and your connector settings.

              • 14. Re: Active directory name change

                you need to use the linkuser.vbs script, or, delete the user and let the connector recreate them, or manually set the binding attribute in the user policy to match the one the connector is using. What you experience is expected because you changed the attributes, so now the binding information in EEM does not match the details the connector is expecting to see.


                I think you should get professional help from your McAfee reseller to help you set this up properly.

                • 15. Re: Active directory name change

                  There is no need to seek professional help from McAfee reseller if all experiments are conducted in test environment, isolated from production.

                  Any mistakes and corrective measures just enhance knowledge how this product functions. With diligent test work, one can achieve knowledge that is sufficient to deploy, support and maintain production systems. But it is a lot of work and therefore lots of time spent. In some cases engaging proffessional services might be more appropriate.

                  • 16. Re: Active directory name change

                    I figured that the binding went array, I only had 15 users which 4 are active users I deleted the 11 and recreated need to keep an eye on the 4

                    Thank you all so much..nothing better than inheriting a misconfigured live environment!!!!

                    • 17. Re: Active directory name change

                      Deleting user account makes it inconvenient to the physical user (you must reassing user account to his machine and reset password, boot once might be also needed, depending on timing). Rebinding existing user does not require physical user to do anything, because full credentials are preserved.

                      1 2 Previous Next