Sync/Join Modes - Join and Both (Create/Join)

Selecting the Sync/Join Modes of Join and Both (combined Create/Join) allows for the linking and modification of pre-existing and previously synced Destination objects. There is an additional Sync/Join Mode option to Create only; please see that knowledge base article for a thorough description.

IMPORTANT NOTE: Join does not work with Office 365 (O365) Destinations. We cannot join with objects placed there by another synchronization process including Azure AD Connect. If you wish to sync objects to O365, please use UnitySync for forward compatibility.

Join

If you would like to update objects that already exist in your Destination directory, you can configure a connection to search for and link to these existing objects. One or more Join Queries are required to identify matches between Source and Destination. You may allow update of all (default) mapped attributes, or you may define only specific attributes to be updated using the Modify Attributes feature. In a Join connection, new objects are never created; instead, specific attributes of existing Destination objects are maintained and objects are never deleted (even if a Source object drops out of the scope of the sync).

Both - Create and Join combined

When you select Both for your Sync/Join Mode, the Create and Join functions are combined. When the connection runs, it will search for an existing Destination object. If an existing object is found, it will be updated. If no existing object is found, a new object will be added. In a combined Create/Join connection, Destination objects (created or joined) are maintained as the Source object changes. If a Source object is deleted (or goes outside the scope of the sync) the corresponding Destination object may be deleted.

Note: If you want to limit which attributes are affected on the Mod of existing objects, enter the desired Modifiable attributes on the Destination tab Modify Attributes parameter.

Reject On Match

When using Both for your Sync/Join Mode, you may limit which objects may be joined by using the Reject On Match feature. When enabled, only objects in the Destination Sync Container will be Joined. Remember, your Sync Container is determined by the Structure Name and/or Placement DN specified on the Destination tab. So, if a match is found in the Sync Container, the link will be made. If a match is found outside the configured Structure Name and/or Placement DN (Sync Container), no action is taken and a Join Match error is logged. Assuming Create is enabled, if no matching is object is found, then an ADD is performed.

Join Query

To utilize the functionality of Sync/Join Modes Join or Both, you must enter a valid LDAP query. This query may compare one or more Source attribute values to one or more Destination attribute values. We typically recommend using mail and proxyaddresses values, as they tend to be unique.

Join Query Example:

Recommended join query for Active Directory Source/Destination:

(|(mail=^mail^)(proxyaddresses=[proxyaddresses]))

Translation: (Dest mail = Source mail) OR (Dest proxyaddresses = Source proxyaddresses)

NOTE: You’ll need to adjust the attribute names for different directory types. For example, the proper query for Office 365 Source/Active Directory Destination is:

(|(mail=^primarysmtpaddress^)(proxyaddresses=[emailaddresses]))

Please contact our Technical Support team if you need assistance with the proper join query for your directory type.

Important Notes about Join Functionality

• When Joining with objects on an Active Directory (AD)/Exchange (Ex20xx) domain, UnitySync will query the Global Catalog to find the match. Therefore, the connection’s Destination IP must be that of a Domain Controller (DC) that contains the Global Catalog (GC). Always specify the standard LDAP port (389) when writing to AD but, since the Join will query the Global Catalog, the UnitySync server must also have access to read from the Global Catalog’s LDAP port 3268.

• The attribute specified in the Join Query as the Destination attribute for comparison must be in the Global Catalog and must be indexed.

• Join mode will find and link to any type of person object (i.e., User, Contact) or group object. As long as the Join Query matches, a link is established. If the query matches a User object, that User object will be linked. If the matching index is a Contact, that Contact will be linked.

• If Create is being used in conjunction with Join (Both), all Joined objects become owned by UnitySync. If your Delete Processing in the Join with Existing Objects section is set to Process Deletes, these objects may be deleted by UnitySync if they fall outside the scope of the Source. If you want straight Join functionality that will never delete your existing objects you should instead select Join as your Sync/Join Mode or alternately, set Process Deletes to ‘Ignore Deletes’.

For more information, refer to the Join With Existing Destination Objects topic of the UnitySync Administrator’s Guide. Of course, you can also discuss your options for your specific situation with our Technical Support team for assistance with your configuration.