Is deleting the IAM User the right approach when AD changes?

Question

In IFS Cloud we use SSO and have a business unit that just changed their Active Directory information as part of a renaming. Once the AD domain name changed, users were no longer able to log in to IFS using the new domain name.

Looking at the User Details screen in IFS we can see that although the Directory ID and email for the user were updated to the new AD values, the IAM User account associated to each user did not change. This value does not appear to be changeable.

When we delete the IAM User and the user logs in again using their new domain details it then works, and a new correct IAM User account is automatically created and associated with the User. The new IAM User account is then included in the User Details screen.

Is this the correct approach to align/fix IAM accounts for users after a domain name change in AD?

Or is there something else that should be done instead (or in addition)?

Thanks in advance,

Nick

Page 1 / 1

Hi @NickPorter ,

Yes, deleting the IAM user is the correct approach when you do any changes in the IDP configuration.

Thank you,

Aswin.

Thanks @Aswin Shadhujan . Are there any other steps we need to take from an IFS user perspective, or is this all that is needed?

Thanks

Nick

Reply

Aswin Shadhujan · Accepted Answer

Hi @NickPorter ,Yes, deleting the IAM user is the correct approach when you do any changes in the IDP configuration.Thank you,Aswin.

NickPorter · Answer

Thanks @Aswin Shadhujan. Are there any other steps we need to take from an IFS user perspective, or is this all that is needed?ThanksNick

Reply

Did you find what you're looking for? If not:

Sign up

Login to the community

Scanning file for viruses.

This file cannot be downloaded