I'm a huge doubt to be able to meet the requirement of a customer.
I need that the SDM synchronize the contacts registered in the LDAP over a period of time, inactivating contacts not found and creating new contacts if are any new entries in the LDAP.
The first problem I found, in the environment was the fact that there is already configured EEM solution, that does not quite understand.
My first idea was to make the change as the tec doc http://www.ca.com/us/support/ca-support-online/product-content/knowledgebase-articles/tec489029.aspx, create a .bat file to run the "pdm_ldap_sync -l command "id = AND userAccountControl = 2"" and schedule a task using the Task Scheduler to run the .bat every day.
For this I installed on the SDM server all LDAP options in order to be able to run the import and synchronization commands.
When performing the import or synchronization utility the contacts are properly set up (not sure if contacts were inactivated too) but for the tool already be configured with EEM (and this is the type of authentication for each type of access) is not possible to logon or with the user servicedesk.
Can anyone help me?!
Theres a way to do this!? =´(
The EEM has a utility that allows this type of import / synchronization?
At first I thought the .bat creating solution and task scheduling would solve the problem, but when confronted me with the EEM everything changed.
Thanx to all!!!!
We also use pdm_ldap_sync for synchronizing contacts from LDAP (Active Directory) directly by a .bat file which run on task scheduler every 12 hours. we did'nt configured EEM for CA SDM. Only we configured LDAP options from option manager for directly connect LDAP.
If not any impact or severity, you can deinstall EEM configuration for CA SDM server. You may configure LDAP options directly
It's only suggestion,
Many thanx for your help, I'm doing this right now!!
So, can you help me?
I deinstall the EEM configurations on SDM but now no one of the users can logon with users and passwords from LDAP...
I need to do something?! An pdm_ldap_sync or something like this?!
When i try to sync an especif user gives a error:
"No Target Members found because no Target LDAP Group Names specified"
can you confirm, ldap_enable_groups and ldap_group_object_class options installed on LDAP options?
and also are ldap_dn definitions right on cnt object (or on usp_contact table) for group contacts
You can check these