When a new Employee account is generated in Manager, the central account value is being appended with a '1'.
For example, employee John Smith should have a central account name of 'JSmith', however the Central user account value (CentralAccount@Person) is JSmith1. However, there are no other John Smiths in the database and the issue occurs at random.
This is due to the SQL function 'QERCentralAccount'. This function determines all account names from the different tables (Person, AD, SAP, SharePoint, …).
However, this function also loads all email addresses and removes the domain (@thedomain) from the addresses, this account name will will be checked as well.
So to list all objects which will be checked by the function "SearchCentralAccount" you have to call the function "QER_FTCentralAccount" (it returns both parts), not just the view "QERCentralAccount" (which returns only the 1st part).
Example:
select * from QER_FTCentralAccount('JSmith%')
The script loops over all entries in the returned list. Therefore, all account names which are owned by the current Employee (regarding the returned column "ObjectKeyPerson") will be ignored, but all entries for other Employees will be used for the calculation of the CentralAccount@Person value. If the calculated account name is already in use it appends a "1" and checks again.
© 2024 One Identity LLC. ALL RIGHTS RESERVED. Feedback Terms of Use Privacy Cookie Preference Center