Overriding default No-Mod-Attribs

Created: 2018-02-09 13:39:25
Modified: 2019-06-28 10:22:42
Tags: Custom Mapping UnitySync

By default, some attributes are defined as No-Mod-Attribs. As such, this attribute that will only ever be set on object creation, and not modified on subsequent syncs.

Some destination attributes should never be removed from the No-Mod-Attribs list (such as objectclass and samaccountname). However, if you do find cause to remove attributes from the default list you can override the default list by adding a parameter to the connections raw config.

IMPORTANT NOTE: Please test this option to ensure your decision to allow modification of the attribute is valid and has the desired effects!

To Perform the Override

In your connection, under the Custom tab, click Raw Config.

The following is the DEFAULT list that is set internally. So you will NOT find this list in the config file by default.

cn,grouptype,homemdb,homemta,instancetype,legacyexchangedn,msexchhomeservername,msexchmasteraccountcontrol,msexchmasteraccountsid;binary,name,objectclass,pwdlastset,samaccountname,useraccountcontrol,userprincipalname

In the raw config, insert the following entire string. Note that this should be entered as one long line, which starts with the parameter name no-mod-attribs= and is followed by a comma separated list of attribute names. NOTE: NO spaces and NO carriage returns.

no-mod-attribs= cn,grouptype,homemdb,homemta,instancetype,legacyexchangedn,msexchhomeservername,msexchmasteraccountcontrol,msexchmasteraccountsid;binary,name,objectclass,pwdlastset,samaccountname,useraccountcontrol,userprincipalname

Now, remove an attribute you wish to allow to be modifiable (i.e. useraccountcontrol). Be sure to leave the rest of the list exactly as-is and maintain the NO spaces and comma separation.

Click Save.

The next time you run a Simulation, look at the level 3 log file and search for “No Mod Attribs”. In addition to the setting shown in the parameter settings at the top of the log, you will find this override entry a bit further down.

NOTE: Please test this option to ensure your decision to allow modification of the attribute is valid and has the desired effects! Sync to an existing destination object, triggering a Modify. You should see this attribute now updates when the object is modified.

Share this article:
Knowledgebase

Directory
  1. Directify - Self Service

  2. Mimic - Replication

  3. UnitySync - Sync
Password
  1. emPass - Sync
Obsolete
  1. Profiler
  2. SimpleSync