eADM
eADM
Breadcrumbs

How to Restore a User Anchor in eADM

This guide explains what User Anchors are in eADM provides instructions for administrators on how to restore them. Restoring an anchor is necessary to re-establish a broken link between a user in eADM their corresponding account in an external system.


What is a User Anchor?

A User Anchor is the link between a user profile in eADM the user's account in an external system, such as Active Directory (AD), Microsoft Entra ID (formerly Azure AD), or Public 360. The anchor is a value that uniquely identifies the user in that external system.

  • For on-premises Active Directory and Microsoft Entra ID, the User Anchor is typically the user's

    ObjectGUID.

  • For other specialized systems, the unique ID used as the anchor will vary.


How to Restore a User Anchor

Any user with administrator-level permissions in eADM perform this procedure.

  1. Log in to the eADM .

  2. Search for and select the user whose anchor you need to restore.

  3. Go to the Anchors tab.

  4. In the list of connected systems, locate the system for which you want to restore the anchor.

  5. Click the restore icon (which looks like a recycling symbol) in the corresponding row. If your Identum eADM is running with deltasync enabled, the user will be resynced immediately.

The Restoration Process

When you initiate a restore, the existing User Anchor for the selected system is deleted. The following process then takes place during the next synchronization cycle:

  • Matching Attempt: eADM to find a matching user in the target system. It does this by comparing a designated field in the external system with a corresponding value in eADM. This matching field is internally referred to as the "merge attribute."

  • Successful Match: If eADM an existing user that matches the record in eADM, the User Anchor is recreated, re-linking the two accounts. The user object in the target system is then updated with the current attribute values from eADM, as defined in the synchronization template. This is equivalent to a full export operation.

  • No Match Found: If eADM find a matching user, it will create a new user account in the external system and generate a new User Anchor for the user in eADM.


Example: In a typical Active Directory integration, eADM search for a user with either:

  • A match sample account name.

  • A matching employee number or national identification number in the employeeID or employee number attributes.

The specific attributes used depend on the configuration agreed upon for your organization.

Warning: Group memberships are not reapplied when you restore a User Anchor. To update a user's group memberships, you must locate and restore the specific group(s).