When configuring an LDAPLDAP (Lightweight Directory Access Protocol) An open, cross platform protocol used for interacting with directory services. to System for Cross-domain Identity Management (SCIM)System for Cross-domain Identity Management (SCIM)SCIM An application-level, HTTP-based protocol for provisioning and managing user identity information. SCIM supplies a common schema for representing users and groups and provides a REST API. Sync Pipe, consider the following:

Use scim-resources.xml for attribute and DN mappings
There are two layers of mapping: once at the Sync Class level and again at the SCIM Sync Destination level in the scim-resources.xml file. To reduce complexity, do all possible mappings in the scim-resources.xml file.
Avoid groups unless the SCIM ID is DN based
Group synchronization is supported if the SCIM ID is based on the distinguished name (DN)distinguished name (DN)DN A name uniquely identifying an object within the hierarchy of a directory tree.. If the SCIM ID is not the DN itself, it must be one of the components of the RDN, meaning that the DNs of group members must contain the necessary attribute.
SCIM modifies entries using PUT
The SCIM Sync Destination modifies entries using the full HTTP PUT method. For every modify, SCIM replaces the entire resource with the updated resource. For information about the implications of this on password updates, see Password considerations with SCIM.