A user's name changed, which also changed either their email address and/or login ID, causing a second account to be created in Service Manager.
This often happens when the LDAP import is set up with the Unique Identifier HEAT Contact Field Name set to either LoginID or PrimaryEmail, and that value has changed in Active Directory following an employee name change event.
The Unique Identifier HEAT Contact Field Name is a unique, primary key identifier for the import record, so when this value changes in Active Directory the import will no longer be able to match the record to the existing account in Service Manager, and so will create a new one.
To prevent this from occurring, the LDAP import can be set up to utilize a field for the Unique Identifier HEAT Contact Field Name that will never change in Active Directory. This will need to be mapped to a custom field in Service Manager to match the field from Active Directory.
Then when fields such as LoginID or PrimaryEmail are updated to reflect a name change event, the import will have an unchanging unique identifier to update the record in Service Manager with the same information.
Step by Step:
1) Select a field in Active Directory that will NEVER change, even if the employee's last name, email address, or loginID changes.
2) Create a new field on the Employee Business Object that will suit the field from Active Directory.
- Recommended to be a Unicode Text field, length as necessary for the field from AD
3) On the LDAP import "Field Mapping" page, in the Unique Identifier section, change the HEAT Contact Field Name to the new Custom field you just created on the Employee Business Object.
4) Under the HEAT Contact Field Mapping section, add the mapping from your new Custom field on the Employee Business Object to the selected field in Active Directory that will not change.
5) Click next through the import and save it.
Please always test configuration changes on a Staging environment before deploying into Production.