This content has been marked as final. Show 3 replies
Yes, and it is what I intend to do.
But before I try to deal with the update task, the user must have the iPlanet User resource "provisioned". My guess is that the best way to give an iPlanet User resource to the user is by launching the "target" recon, instead of trying to provision it, because it will end up in error anyway, since the account already exist in the target.
My uncertainty is whether I have to tweak the iPlanet connector in any special way for it to work properly as a trusted "and" target source at the same time.
If I understood your requirement correctly, your thinking is not correct.
In your case, Sun LDAP is he trus ted source. When you run the trusted recon, it will bring account from target to oim and it will create user in oim and also it will link account in target system with oim. You dont have to run target recon. If you run target recon, again, it will try to bring updated information (if any) from target system to oim.
Since, your goal is to bring all target accounts into oim and do some update after that, just run the trusted recon to bring the users and their accounts into oim and then do the required update. No need of target recon in this use case.