I have a source managed/user(idm) and target AD. I didn’t define any correlation script in sync.json up on reconciliation it create accounts in AD. off course I defined a connector for AD and attribute mapping in sync.json it creates accounts in AD not sure on what basics it determines the abscence of that user in AD and created the accounts.
In AD connector i had mentioned unique attribute is cn. pls explain how correlation works i read the document but its unclear.thanks
When no correction query is defined, and no synchronisation has be performed before, the synchronisation engine assumes that there are no entries to correlate with and therefore assumes a CREATE situation. On next reconciliation runs, the synchronisation engine then uses the link table to correlate between source and target. In this case the correlation associates the managed _id with AD’s GUID. Not configuring a correlation query is fine when starting with a blank target. However, with an existing data source, defining the correlation query is necessary to ensure IDM updates the entries rather than creating duplicates. Does this make sense?