Hello,

me again :-)

We have the well-known Problem with changing a username because we need it with Sharepoint - My Sites.

So we changed all usernames from anonym to personalized. (for example: 01scsm02 to dan001)

The import works, but if we disabled a user the AD Connector only check if the user is in the AD and not if he is active or not.

Now we had a script which transfer deactivited users to a pool namend "old users".

Unfortunately SCSM loses all information about Tickets when i delete the AD-Connector.

After thinking about it, i possibly have an idea to get only active Users. Heres my plan, but did it works?

1. I create new AD-Connectors for every department (only just 5 in our company)

2. Based on our script the AD transfers every inactive User to the pool "old users" which the AD-Connector doesnt sync.

3. After activating every Connector (which includes all active users like the "old AD-Connector") i delete the "old AD-Connector".

Now is the question...did we anyway lose all Ticket Information?

In my theory SCSM have the users already from the "Deparment-Connectors" and cant lose the Information about affected end user, assignee etc...

Hey

About Connectors:
Every synced object has at least on connector source in the database. If you have multiple connectors that sync the same object, the same object will have 2 connector data sources. When a connector is deleted, the connector sources in the database on the objects are also deleted. As soon as an object has no data source left it will be gone.

Now some clarification:
What do you mean by "Pool"? This term does not exist in Service Manager nor Active Directory. I assume you are talking about Organizational Units?

Check out Dieter's Blog post about using a custom LDAP query to only get enabled users:
http://blog.dietergasser.com/2013/03/15/excluding-disabled-users-from-ad-connector/

Another option could be using an Orchestrator runbook that regularly checks user accounts and if disabled change the CI status in the Service Manager CMDB.

Cheers
Marcel 

Hey Marcel,

let me get this straight with an example.

I have an Incident from user xy assigned to me. Now i create the new Connectors. If in understand you right, my Affected End User has now 2 Datasources. If i delete now the old Connector. Does SCSM take the new Datasource and the Incident has already the affected end user? Or is the incident then without an affected end user?

With Pool i just like to describe a group in the AD which we created as target in our script, that the system knows where the old user has to go.

Thanks for the blog. I already used this post to create our current AD-Connector.

Yeah, the Orchestrator was also in my mind. But my boss doesnt like to use it at the moment. Why? I have no idea :-)

In the meantime i found our Problem why the old username are already there after changing the username.

Our anonym User is in the Exchange Console as Alias recorded. I talk to my associate which administrated the Console that he changed it. Then -so i hope- i have this problem with double users in the SCSM no longer.

greets Dan

Hey

I have an Incident from user xy assigned to me. Now i create the new Connectors. If in understand you right, my Affected End User has now 2 Datasources. If i delete now the old Connector. Does SCSM take the new Datasource and the Incident has already the affected end user? Or is the incident then without an affected end user?

--> Correct, as long as the user is still in the CMDB (and it is because of the other data source), the incident still has the affected user and assigned to user configured

Cheers
Marcel

Thank you Marcel, that helps me a lot :-)

greets Dan