ServiceDesk

Hello, I am hoping I am hoping someone can help me with a AD Sync question/problem.  I have a few user's that have 2 AD accounts (there real account and a test account).  Unforunately there email address was added in active directory to both user's so when ServiceDesk ran it's synch it only brought over the test account for these user's and not there actual account they use everyday.  What is the process I need to go through to get there real account to come into ServiceDesk.  I tried removed the user's email address from there test account and rerunning the AD synch but still only the test accounts show for these user's.  I also tried unchecking the "Is Active" box for these test AD accounts in ServiceDesk and rerunning the synch but still the user's actual account has not been imported into ServiceDesk.  This is causing an issue as these user's can't log into ServiceDesk due to ServiceDesk only having there test AD account loaded.  Any help would be great, thanks!

Depends on what version of SD you're running. In Workflow 7.1 SP2, you could build a sync that consists of an LDAP query isolating only that user, and run this sync, say, immediately after the main sync (this is an example)

did you update your SMP server AD sync also ? If you didnt then it would sync either. 

I had the oppisate problem where both id's came over and we could not figure out which ones to pick when assigning a ticket to  person. I had the users AD name adjusted to reflect -admin in the last name. This then made it easier to pick. 

Also did you check what OU's that you are pulling in. If it is not being imported than it does not sound like its OU is being selected. 

I am running ServiceDesk 7.1 SP2.

I ran the SMP active directory import and that didn't fix the issue. 

I did find a temporary solution I read in these foumns but not sure if it is the right one or not.  I created a user in ServiceDesk called "DeletedUser" and then merged a test account with that user.  Then I reran the AD synch and it brought over the actual user's AD account and not the test.

Again not sure if this is the solution or not or what the ramifications are going to be by doing this. 

Cesar, where do you enter these lines.  In SQL?

Thanks!

good morning
I had the same problem, my client had two login users of AD, one for equipment and one for terminal services.

Were synchronized terminal services users, and settled by database, that was 2 months to 30 users and does not present problems and even when we use this query shows the problem.

the problem:
The User Cesar Echeverria have two AD users: Dominio\CesarE and Dominio\TSCesarE

Synchronized user by: Dominio\TSCesarE
 

the solution:
 

1. log into the SQL Server to the ProcessManager database and run this Query:

UPDATE[User]

SET  ADLoginName = ' Dominio\CesarE'

whereADLoginName = ' Dominio\TSCesarE '

2. then go back and sync: ServiceDesk with AD.

I recommend that the test users have a separate OU, which is not in the profile ServiceDesk sincrinizacion 

jasonhopp update my solution with images

Are you sure that will work? if you do a reset sync all data in the dbo.user table gets overwritten by the AD import 

I'm pretty sure.

 Executes the query, update after the sync, and test user logon
 if user can not login reset sync run
 is true that will return to import everything, but the internal user ID ServiceDesk not change, so do not hurt anything.

 As I told you, i did this procedure for 30 users. and today I did for a user.

I tried the SQL query and it did not work.  Still had the test user account.  So right now the only way I see to do this is merge these test user's with the "Deleted User" account I created and then run a Reset Synch in Service Desk.  Is the Reset Synch something that should not be ran??

.

UPDATE[User]

SET  ADLoginName = ' Dominio\CesarE'  ----real User

whereADLoginName = ' Dominio\TSCesarE '  --- test user

That is what I tried and the test user was still in ServiceDesk and the actual user was not.  This is suppose to delete the test user and add the real user correct?

Jason - maybe changing the import from a straight Users import to an LDAP query where you exclude the samaccountname=(test account name) or based on some attribute that is not in your active users.  I did this to ensure that only valid employees, those with the employeeID attribute populated were imported.

My LDAP filter for only users with employeeID  is - (&(objectCategory=person)(objectClass=user)(employeeID=*))

steve

ther it is, what it does is telling the ServiceDesk database that will have another id usuaro AD (the real) and then sync with AD and ready ... No complicated, follow my steps to the letter and you solve ..