After enabling the Organization field on the Modify user screen, I am still unable to modify the organization for a user.
The organization field for a corporate user can be set once and only once in the user's lifetime.
Release : 14.3
Component : IdentityMinder(Identity Manager)
IDM does support for the manipulation of user organization location. You will need to delete the user and recreate them under the desired organization within Identity Manager
NOTE: ALL USER MIGRATION ON THE BACKEND CAN CAUSE USER DATA CORRUPTION AND IT IS SUGGEST THAT YOU BACK UP ALL YOUR DATA PRIOR TO ANY CHANGES. ONLY PERFORM THESE STEPS IF YOU ARE PROFICIENT IN THE APPLICATION. ANY ISSUES CAUSED BY THE BELOW STEPS WILL RESULT IN YOU BEING REQUIRED TO REVERT ALL CHANGES. MAKE SURE YOU TAKE SNAPSHOTS OF ALL SYSTEMS INVOLVED INCLUDING SQL. SUPPORT WILL NOT TROUBLESHOOT ISSUES CAUSED BY THE BELOW STEPS.
1) The user being moved cannot have an active pending workflow against them.
2) The user being moved cannot have a pending task against them.
3) Any rules regarding admin/owner/member policies could affect user integrity... etc
You are not limited to only the above scenarios but there could be others. You should make sure at least the above 3 conditions are focused on before moving the user on the back end.
Work Around Steps:
You will need to utilize modrn functionality against CA Directory.
You will need to get all the dn values you want to move. Then you will need to build an LDIF file such as the below example. Let's say you want to move this user from ou=Support,ou=Customer,o=DEMOCORP,c=AU to ou=Customer,o=DEMOCORP,c=AU. You will need to make an LDIF file with the modrdn request in it. See below.
Old DN: cn=Glenda STEIN,ou=Support,ou=Customer,o=DEMOCORP,c=AU
New DN: cn=Glenda STEIN,ou=Customer,o=DEMOCORP,c=AU
Create an LDIF file with the below lines:
dn: cn=Glenda STEIN,ou=Support,ou=Customer,o=DEMOCORP,c=AU
newrdn: cn=Glenda STEIN
Once you have this done then you will need to execute a dxmodify:
dxmodify -c -h hostname:19389 -D bindDN -f newou.ldif
Now when you view the user in Identity Manager you will see they are apart of the new Organization.