CA Service Management

 View Only

 Contacts become inactive after running pdm_ldap_sync

asim Shah's profile image
asim Shah posted Mar 28, 2021 07:35 AM
​​Dear Team

By running pdm_ldap_sync command (without any argument) , we noticed some of the users got inactive despite of those users were frequently active on SDM.

We know that if User CN value doesnot matches in AD DN then the users turn to inactive while running ldap_sync but we checked in Active directory, the DN is same as CN in ldap_logging log file for inactive users.

how can we sync only specifc fields like alt_phone & email_address so that command will update only these 2 fields for all the active users and do not inactive the users.

what will be the correct argument  to run pdm_ldap_sync……... ????


#CALDAP


Brian Mathato's profile image
Broadcom Employee Brian Mathato
Hi Asim,

Perhaps the information contained in the below article may help to spark an idea and lead to a possible solution:

https://support.broadcom.com/download-center/problem-detail.html?productcd=USRD&problemnbr=531
Lindsay Estabrooks's profile image
Lindsay Estabrooks
The parameters I usually use:

pdm_ldap_sync -l "userid = ?" -c ""​
Lindsay Estabrooks's profile image
Lindsay Estabrooks
Another thing to check are the Options Manager --> LDAP options. For instance, what do you have set for ldap_search_base? Are the users who were inactivated in another part of the directory tree?
asim Shah's profile image
asim Shah
HI Lindsay

THe users who became inactive are the same part of the directory.

However, as you mentioned the command it fulfils our need and no users become inactive but around 200 inactive users become ACTIVE :)

the argument   -l "userid = ?" -c ""​ in sync command, what it actually do? can you pls share

pdm_ldap_sync VS pdm_ldap_sync -l "userid = ?" -c ""

?