This article describes how user objects must contain a valid email address attribute before the account will provision into Amazon Web Services (AWS)
Applies to: Centrify Identity Service
Our organization uses Centrify for provisioning users into Amazon Web Services (AWS) and have noticed some users will provision while other user accounts will not. After comparing the user objects in Active Directory, the only difference noted is that some accounts do not have an email address and do not provision while accounts that do contain a valid email address are provisioned correctly.
Is this a known issue with Centrify provisioning?
User accounts must have a valid email address for the Centrify Identity Service to successfully provision to Amazon Web Services (AWS). This is expected behavior and will be added to online documentation in the near future to make this requirement clear for Centrify customers.
If the user account is updated with a valid mail attribute and a member of the correct provisioning role in the cloud manager, the account is expected to sync.