Skip to main content
J
J_David_L
Participant
January 22, 2025
Question

User Sync Tool - Users not added

  • January 22, 2025
  • 1 reply
  • 1063 views

Hello all,

 

I am running into an issue with the usage of the User Sync Tool. I have a process that is supposed to create and remove federatedID accounts of users based on when they on-board/off-board from our organization. It removes the accounts of Adobe Only users just fine, but it will not create accounts for new users. I've tried searching the documentation for the tool and can't see any reason why users would not be added to Adobe from the directory. In the log it shows that the number of directory users is greater than the number of Adobe users.

 

Is anyone aware of anything that would prevent users from being created in the Adobe portal?

 

Command line arguments:

sync --users all --adobe-only-user-action remove --update-user-info

 

And from the user-sync-config.yml

invocation_defaults:

adobe_only_user_action: preserve

adobe_users: all

connector: ldap

process_groups: False

strategy: sync

test_mode: True

update_user_info: False

users: mapped

1 reply

A
Community Manager
Anshul_NautiyalCommunity Manager
Community Manager
January 22, 2025

Hi @J_David_L,

It sounds like you're encountering an issue with the User Sync Tool where new federatedID accounts are not being created in the Adobe portal. Here are a few things to check and some resources that might help:

 

Ensure that the account running the User Sync Tool has the necessary permissions in the Adobe Admin Console to create users. Without the correct permissions, the tool may not be able to create new users.

Verify that your LDAP setup is correctly syncing with the Adobe Admin Console and that there are no issues with the LDAP server or user mappings. Ensure that new users are being properly mapped in the LDAP directory before the sync.

Double-check your user-sync-config.yml file to ensure all necessary configurations are correctly set. Specifically, verify that the connector and strategy settings are properly configured.

Review the logs for any specific error messages that might indicate why the accounts are not being created. The logs can provide insights into issues such as configuration errors.

 

For further assistance, you can refer to the following Adobe help articles:

User Sync Tool Setup and UMAPI & UST Errors.

 

Please let us know if you have any additional queries.

Regards,
^AN

J
J_David_LAuthor
Participant
January 23, 2025

Hi Anshul,

 

Thank you for the quick reply! I've looked into your suggestions.

 

  1.  "Ensure that the account running..." - I double-checked our project account and it has the UMAPI service associated with it. Is there any other permissions that it needs to have? I thought UMAPI would include user creation and deletion.
  2. "Verify that your LDAP setup..." - I don't think the LDAP is the issue. It is able to update user information successfully, it just won't create new uers. Additionally, the number of "directory" users which we are getting from LDAP is about what we would expect.
  3. "Double-check your user-sync-config.yml..." - I'm wondering if this is the issue. We don't have any user mapping for this process to assign user groups. Would that prevent users from being created in the portal?
  4. Our logs are set to INFO and I don't see anything obvious. I'll try again with DEBUG and see if any relevant information is shared.

 

Thanks again,

David

A
Community Manager
Anshul_NautiyalCommunity Manager
Community Manager
January 23, 2025

Hi @David33323793b4bl,

 

Thank you for following up and providing additional details. Based on your observations here are some refined suggestions to address the issue:

Ensure that the account running the User Sync Tool has System Administrator or User Group Administrator rights in the Adobe Admin Console for managing users effectively. Verify that the UMAPI (User Management API) integration is correctly configured with valid credentials.

 

In LDAP Configuration, check that required attributes (e.g., email and userPrincipalName) are properly mapped and that new users are included in the LDAP group or directory targeted by the sync. Confirm alignment between LDAP settings and the User Sync Tool's configuration.

 

Set the log level to DEBUG in your configuration or on the command line. Review the logs for entries related to "user creation" or errors that might provide insights into why users are not being added. Look for entries such as "action=add user" or "result=error.

 

Refer to the Adobe User Sync Tool documentation for guidance on specific parameters such as users, process_groups, and update_user_info. These settings may need adjustments to align with your organizational requirements.

 

Please let us know if you have any additional queries.

 

Regards,


^AN

Terms & ConditionsAccessibility statement
Using the community Terms of use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices