Friday, July 19, 2013

Interact Intranet: Diagnosing problems with AD sync

From time to time you might notice that accounts in your intranet are not synchronizing properly with your AD system. If this is the case, the first step is to contact support, which will give you the fastest resolution to your problem.

If you are handy with SQL and AD, you can try to identify the issue yourself by examining the AD sync logs, which are stored in a table called UMI_audit.

This query will return any errors from the last two weeks:

    select * from UMI_audit where errormsg is not null

This query will identify any users that aren't configured to sync:

    select * from umi_person where sync = 0

The most common issues we encounter with AD sync are accounts that have been orphaned as a result of incorrect expiration.

If your IT department isn't willing to give you AD access and you aren't sure how to verify data on the AD side, I'd recommend installing Softerra LDAP Browser. With a minute or two of configuration you'll have a read-only view into your organization's AD system.
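When checking expiration on the AD side, the raw values shown in an LDAP browser are not human-readable dates. The following is an added example, not part of the original post or of Interact's tooling: it decodes the standard AD attributes `accountExpires` and `userAccountControl` from a constructed LDIF-style export, assuming the entries were exported as plain text with one attribute per line.

```python
from datetime import datetime, timedelta, timezone

# accountExpires counts 100-ns intervals since 1601-01-01 UTC (Windows FILETIME).
FILETIME_EPOCH = datetime(1601, 1, 1, tzinfo=timezone.utc)
NEVER = {0, 0x7FFFFFFFFFFFFFFF}  # both values mean "never expires"
UAC_ACCOUNTDISABLE = 0x2         # userAccountControl bit for a disabled account
# Constructed sample export (LDIF-style); not real directory data.
SAMPLE_LDIF = """\
dn: CN=Alice Example,OU=Staff,DC=example,DC=com
sAMAccountName: alice
userAccountControl: 512
accountExpires: 9223372036854775807

dn: CN=Bob Example,OU=Staff,DC=example,DC=com
sAMAccountName: bob
userAccountControl: 512
accountExpires: 130000000000000000

dn: CN=Carol Example,OU=Staff,DC=example,DC=com
sAMAccountName: carol
userAccountControl: 514
accountExpires: 0
"""

def expiry(raw):
    """Return the expiry as an aware datetime, or None for 'never'."""
    value = int(raw)
    return None if value in NEVER else FILETIME_EPOCH + timedelta(microseconds=value // 10)

def parse_entries(ldif):
    """Split a simple LDIF export (no wrapped or base64 values) into dicts."""
    entries = []
    for block in ldif.strip().split("\n\n"):
        pairs = (line.partition(": ") for line in block.splitlines())
        entries.append({key: val for key, _, val in pairs})
    return entries

def account_status(entry, now):
    """Classify an entry as 'expired', 'disabled' or 'active'."""
    when = expiry(entry.get("accountExpires", "0"))
    if when is not None and when <= now:
        return "expired"
    if int(entry.get("userAccountControl", "0")) & UAC_ACCOUNTDISABLE:
        return "disabled"
    return "active"

def report(ldif, now=None):
    now = now or datetime.now(timezone.utc)
    return {e["sAMAccountName"]: account_status(e, now) for e in parse_entries(ldif)}
```

Accounts reported as `expired` or `disabled` here are the ones to compare against the rows returned by the `umi_person` and `UMI_audit` queries above.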

Softerra LDAP Browser is a lightweight version of Softerra LDAP Administrator. It supports read-only operations that do not modify LDAP directory data, e.g. browsing, search, export, etc. For complete, fully functional management of LDAP directories you need Softerra LDAP Administrator.

Softerra LDAP Browser is the industry-leading software for browsing and analyzing LDAP directories. It provides a wide variety of features for handy viewing of directory contents, getting information about directory infrastructure and objects.

Right after its very first release, Softerra LDAP Browser became a real breakthrough in the IT market thanks to its simplicity and power in equal measure. The software has held the highest positions for 10 years already. Some of its features are unique: to date there is nothing to match their efficiency in the existing LDAP software packages.
