Update AD/LDAP GUID of a preserved inSync user
There could be events when the inSync user is active within the organization, however, the user is automatically Preserved in inSync. This occurs when there is a change in the user's AD/LDAP GUID or change in the AD or LDAP server. As a part of the user validation process, inSync uses the GUID attribute of an Active Directory user. In such scenarios, if the GUID of the logged-in user fails to match with that of the mapped user, the inSync user is moved to the preserved state, and inSync backups are disabled for such users.
This article provides the instructions to manually update users' AD/LDAP GUID to resume inSync backups when the active users get preserved in inSync due to change in GUID.
- AD/LDAP GUID can be updated only for the inSync users who are provisioned in inSync through AD/LDAP mapping.
- AD/LDAP GUID cannot be updated for the inSync users who are provisioned in inSync manually or through SCIM.
Before you begin
Before you initiate the AD/LDAP GUID update for a user or a set of users from the inSync Management Console, ensure the following:
- The user import method in the inSync Management Console is set to AD/LDAP.
- All the AD/LDAP Connectors are in the configured and connected state.
If the user import method is set to SCIM and you want to change the user import method to AD/LDAP, refer Change user provisioning from SCIM to AD/LDAP.
If you have not registered your AD/LDAP with inSync, refer Register your AD/LDAP.
- On the inSync Management Console menu bar, click Users. The Users page appears.
- Use the checkboxes to select the preserved users for whom you intend to update the AD/LDAP GUID.
- Click Options located at the top of the table, and then select Update AD/LDAP GUID.
- A request to update the AD/LDAP GUID for the selected users is created.
Upon successfully updating the users' AD/LDAP GUID, inSync resumes the scheduled backups.