Un-mapped AD Users not getting auto-preserved

Last updated
Save as PDF
Share
1. Share

Heads up!

We've transitioned to a new documentation portal to serve you better. Access the latest content by clicking here.

Problem description

After the inSync users are removed from the mapping, users were not automatically preserved.

Cause

This issue is observed when:

The AD/LDAP connector is in a disconnected state.
The credentials used for AD/LDAP Server accounts are incorrect.
The user was created manually in inSync Cloud.

Resolution

Issues with inSync AD Connector

To resolve the issues with inSync AD Connector, refer to AD Connector not connected.

Issues with AD/LDAP Server account credentials

inSync requires read-only access to your AD/LDAP to fetch the user details that it requires from your AD/LDAP. If the AD/LDAP service account credentials are invalid or expired the inSync will not be able to fetch the user details.

To identify if the credentials are working properly you perform the following steps.

Select the mapping, and click on Import New,. If you see successful message, there are no issues in connecting and authenticating the AD Connector.
If you get an “Invalid Credentials” error this means the AD/LDAP Server account credentials are not valid.

To update the AD/LDAP Server credentials

Double-click on the Druva AD/LDAP Connector icon. The AD/LDAP Connector window appears.
Click Manage AD/LDAP Accounts. The Manage AD/LDAP Credentials window appears.

Provide the appropriate information for each field.

Field	Description
Username	Type the user name of the AD/LDAP Server account that has read-only permissions. inSync requires read-only access to your AD/LDAP to fetch the user details that it requires from your AD/LDAP. inSync does not fetch user credentials. inSync fetches only user details, such as email, name, department, country code, login name.
Password	Type the password for the AD/LDAP Server account. The password is saved in an encrypted format in the inSyncADConnector.cfg file for that inSync Connector.

Field

Description

Username

Type the user name of the AD/LDAP Server account that has read-only permissions.

inSync requires read-only access to your AD/LDAP to fetch the user details that it requires from your AD/LDAP. inSync does not fetch user credentials. inSync fetches only user details, such as email, name, department, country code, login name.

Password

Type the password for the AD/LDAP Server account. The password is saved in an encrypted format in the inSyncADConnector.cfg file for that inSync Connector.

Issues with manually created users

In this case, the 'Auto-Preserve Unmapped Users' setting will not work, as these users were not originally imported through AD.

Hence inSync's AD/LDAP settings for auto-preserving these users will not apply.

Workaround

Manually select such users from the Users page and click on Preserve to preserve them.
If the issue still continues, contact Support by submitting a ticket for further investigation.

SUPPORT community

support Resources

More links

Support Contacts