Known issues for provisioning through an LDAP gateway

The following are known issues or limitations with provisioning through an LDAP gateway.

PingOne does not support concurrency for LDAP inbound provisioning using the same gateway connection, even with different User Base DNs.
For bi-directional LDAP sync, ensure that the attribute mappings on both rules are identical.

PingOne does not maintain directory hierarchy on outbound to be the same as inbound.
In the expression builder, you can use only LDAP attributes that are part of the default attribute list. As a workaround, you can use the ADD feature to map the needed attribute and use it in the expression.
The LDAP filter currently does lexicographical comparison for numeric values.
In Active Directory, deleting an OU that contains users might not deprovision users in PingOne.
PingOne does not support moddn operations.
PingOne does not support updating the uid attribute value.