I have IDM 4.0.2 connecting to MAD. The last name changes correctly in
the IDV, however when it sends the changes to AD such as last name, the
error I get is (ATT_OR_VALUE_EXISTS), data 0, Att 4 (sn). However, if I
migrate the user manually from the vault to MAD, it works correctly
(changes last name and display name.)

level="error" type="driver-general">
<ldap-err ldap-rc="20" ldap-rc-name="LDAP_ATTRIBUTE_OR_VALUE_EXISTS">
<client-err ldap-rc="20"
ldap-rc-name="LDAP_ATTRIBUTE_OR_VALUE_EXISTS">Attribute Or Value
<server-err>00002081: AtrErr: DSID-030F1824, #1:
0: 00002081: DSID-030F1824, problem 1006 (ATT_OR_VALUE_EXISTS), data 0,
Att 4 (sn)

Also, I would like to know if I could also have our MAD driver set an
alternate Exchange address such as the new address would be the
first.lastname@domain.com, though they would also keep their old email
address but the new name would be the primary.


richreitenauer's Profile: https://forums.netiq.com/member.php?userid=7038
View this thread: https://forums.netiq.com/showthread.php?t=54285