Symantec IGA

 View Only
  • 1.  User Picture To Active Directory

    Posted May 28, 2020 06:08 PM
    I have an user request to allow users to include pictures in the Identity Portal. Then, the photos must be integrated with Active Directory.
    I know that there is a picture field in the Portal and in the Identity Manager (customizing task screens). However, I cannot find the field for inclusion of the image within the Active Directory account templates. In AD, the LDAP field is called thumbnailPhoto, but I can't find it in the IGA.


  • 2.  RE: User Picture To Active Directory
    Best Answer

    Broadcom Employee
    Posted May 28, 2020 08:53 PM
    Not all attributes are managed by the out of box AD Connector. The connector does allow you to manage additional attributes by configuring the schema.ext file on the C++ Connector Server as mentioned in the following product documentation:

    https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-identity-and-access-management/identity-management-and-governance-connectors/1-0/connectors/microsoft-connectors/microsoft-active-directory-microsoft-exchange-and-microsoft-lync/configure-the-connection-to-active-directory/extend-the-active-directory-schema-by-adding-custom-attributes.html

    However I do not think this will work for a photo/image as the Provisioning User itself has no attribute for a photo/image either and so an Account Template would not be able to reference a Provisioning User field. I believe what you are asking for would be a product enhancement and that you would need to look at developing a custom coded solution that would just update the domain controller directly.