We have had a few staff members get married and need their name changed. We make the edits in AD and I believed that KACE would update accordingly. Instead, it just creates a new user with the new last name. How can KACE be set up to update the existing user instead of making a new one?

0 Comments   [ - ] Hide Comments


Please log in to comment

Answer this question or Comment on this question for clarity


This content is currently hidden from public view.
Reason: Removed by member request
For more information, visit our FAQ's.

This content is currently hidden from public view.
Reason: Removed by member request
For more information, visit our FAQ's.

Kace uses a database for users.

Each entry will have attributes such as Name, last name, email, samaacountname, telephone etc. 

One of those attributes needs to be the Primary Key, that means the unique value, this is a string that is unique to a person, let's say ID or sometimes email is a good Primary Key. 

The kbox does not sync with AD FYI, the kbox will just import new users and update values. 

So depending who you guys configured your Ldap imports... The kbox will update or create new entries based on the primary key. 

If email is your Primary Key and your email changes because you are now married.... The Kbox will say you are a new user. 

The Primary Key, when picking an attribute you gotta be careful, make sure is indeed unique and will not change. 
Answered 03/13/2018 by: Channeler
Ninth Degree Black Belt

  • I cannot find where to set a primary key in the LDAP settings in KACE. Where is that?
    • Cheking the attributes mapping from your current LDAP import schedule (the one with the bell In LDAP authentication). You might have more than one depending on scope and roles

      Anyway, there, step 2 o 3, is "Define mapping between User attributes and LDAP attributes"

      Post a picture of your current mapping.
      • I put the picture in the origianl question as I have not figured out how to post an image as a reply or comment.
    • OK i see your screenshot... so...

      Why is it Primary Email mapped to the attribute "userprincipalname" ?

      Primary Email is part of the Primary key, this explains why you are creating new users instead of updating existing ones, every-time a user import from LDAP happens.

      Primary email should be mapped to the AD attribute named "mail"

      • To be honest, this was set up prior to my hire and I have not reviewed it before now. I will review this and see what is the best course of action. My concern now is that changing it will cause everyone to be duplicated. Meaning there would be a lot of cleanup if I have to go in and change tickets, inventory, and devices.
        I was not able to view the image that your linked in the post above.
Please log in to comment