Identity Manager - How to update Active Directory attributes using command line
Article ID: 98248
Updated On:
Products
CA Identity Manager
CA Identity Governance
CA Identity Portal
Issue/Introduction
How to update Active Directory attributes using a command line?
The Policy XPress is not updating the AD accounts because no events are being triggered the PX since it is not possible to modify User attributes at this moment.
How to modify the Active Directory attributes without Policy XPress
The Policy XPress is not updating the AD accounts because no events are being triggered the PX since it is not possible to modify User attributes at this moment.
How to modify the Active Directory attributes without Policy XPress
Environment
Identity Manager 12.x, 14.x
Resolution
To update AD attribute using the command line, you need to use ldapmodify command line.
The LDAPMODIFY command is located under folder:
X:\Program Files (x86)\CA\Identity Manager\Provisioning Server\bin
The command:
ldapmodify -x -D "DN_of_account_used_connect_AD" -w <Acccount_Password> -h <AD_Hostname> -p 389 -f <LDIF_File>.ldif
Where:
DN_of_account_used_connect_AD = Proxy AD Account DN used to connect to AD, the same one used in your AD endpoint
Acccount_Password = Password of the account above
AD_Hostname = Hostname or FQDN of Active Directory
LDIF_File = File with the account DNs and its attributes to be changed
Example:
ldapmodify -x -D "CN=Administrator,CN=Users,DC=example,DC=com" -w MyPassword -h <AD_hostname) -p 389 -f test.ldif
Feedback
Yes
No
Powered by
