Print this page

Active Directory (AD) Account's are not visible within the Identity Connect admin UI

Knowledge Article Number 000214240
Description Identity Connect Live Sync is not working for some of the users even if they try to do a Manual sync. The user account is not appearing in the "User Association Management" under "Sync" section.
Active Directory (AD) is a directory service that Microsoft developed for Windows domain networks and is included in most Windows Server operating systems as a set of processes and services.

NOTE: All of the following steps assume that the AD Account is active and not disabled in your ADFS (Active Directory Federation Services) server. For activating the AD account you will need to contact your ADFS system admin.

In order to fix issues related AD Accounts not visible within the Identity Connect admin user interface, we can try the following steps:
1. Navigate to the Mapping page within Identity Connect and enter the name of the AD Account within the 'Sample User' field :
   a) If the user "IS" visible on the mapping page then the Identity Connect DataSource configuration is correct
   b) If the user "IS NOT" visible on the mapping page then the IC DataSource configuration should be verified.
2. Verify the Identity Connect Data-Source configuration. Specifically confirm that:
   a) The Base Contexts specified include the AD Account which is not visible in the Identity Connect user interface
   b) Ensure that the specified User Filter does not restrict visibility of the AD Account
3. If the AD Account is not visible on the Identity ConnectSync page then:
   a) Click the 'Analyze Associations' button on the Identity Connect Sync page. The data displayed within the Sync page is a Cached copy of the AD account and Salesforce User information and therefore may be out of date.
   b) Check the 'Other Users' within the Sync page and ensure that the account in question is not in the ignored list or one of the other lists.
4. Check that there are no special characters within the AD Account domain name.

In case the user is still not visible after verifying all of the steps mentioned above please contact Salesforce support.

promote demote