When importing users from LDAP/AD servers if there is a conflict or the users were not successfully imported, they are listed under ‘Conflicted Users’.
This is majorly due to changes in user details from the AD end.
Scenario 1: ‘Jack’ is a user in Bangalore OU and so as in SapphireIMS. Later he was moved to Delhi OU in AD and the same will get updated to Sapphire during the AD sync. Since the user was already part of Bangalore OU and now updated in Delhi OU as well, the tool will detect a conflict in username and mark this user as ‘Conflicted User’.
Scenario 2: Before SAPP_5003 patch, if AD1 is having user ‘Jack’ and AD2 is also having a user with the same name ‘Jack’ then the first imported user will be active in SapphireIMS and the second user goes to conflicted because the name is the same(‘Jack’ ).
But starting from SAPP_5003, it will create as DomainName\Username and it will not go to conflict.
Scenario 3: AD1 is having user ‘Jack’ and got imported successfully in SapphireIMS. Then customer deletes the ‘Jack’ user in AD1 and creates the same username ‘Jack ’ in AD1. When subsequent import happens, then earlier imported AD1’Jack’ user will go to a deleted state whereas new ‘Jack’ user will go to conflicted state.
Later the admin can validate the changes in user details and ‘Merge’ the entries as per the requirement.
Steps to Merge Conflicted User:
- Go to Settings > User Management > Users > Conflicted Users
- Select the user and click on the ‘Merge’ button
- Go to Settings > User Management > AD and LDAP Integration > LDAP Configuration
- Select the LDAP configuration and click on the ‘FullSync’ button
- Wait for the job to finish and check the user status