Certain destination mappings, marked as "Unique", must be unique for each individual user. These include the following fields:
- Active Directory: sAMAccountName, userPrincipalName
- GSuite: primaryEmail
- Azure: userPrincipalName
If multiple users might have identical mappings for these fields, you can provide username generation rules that will map alternate values for those fields in case of conflicts. You can navigate to this module by clicking the button next to the desired mapping. To change the priority of any alternate mapping, you can click the up and down arrows. The "Default" mapping is highest priority. The "1st" alternate is next highest priority, and so on.
Active Directory Dynamic Mappings
In an Active Directory destination, you can create a mapping for sAMAccountName and then use this mapping in other mappings. This sAMAccountName mapping can then be used in other mappings, including both default and custom mappings. In the example below, sAMAccountName is mapped using the givenName and surname fields, and then the userPrincipalName is mapped using sAMAccountName. This dynamic mapping is only available for Active Directory's sAMAccountName field.
Active Directory Account Controls
OneSync provides additional mappings and options for Active Directory destinations. These include User Account Controls and Password Policies. Note that if you set any password policies, you will be required to map a password in default mappings.
To map to a custom attribute or property in a destination, you can first set your own attribute on the destination details page. This attribute will then appear in mappings in the Default Mappings and Custom Mappings pages. (Note: This feature is currently only active for Active Directory destinations)
Password Synchronization (Active Directory & GSuite)
OneSync does not currently offer the ability to sync passwords from Active Directory to GSuite. However, Google offers a tool to sync passwords which can be found here.