Nexus' software components have new names:

Nexus PRIME -> Smart ID Identity Manager
Nexus Certificate Manager -> Smart ID Certificate Manager
Nexus Hybrid Access Gateway -> Smart ID Digital Access component
Nexus Personal -> Smart ID clients

Go to Nexus homepage for overviews of Nexus' solutions, customer cases, news and more.

This article describes how to synchronize inactive users via LDAP connection to Smart ID Identity Manager (there is also a use case to Synchronize active LDAP users to Identity Manager). Existing users in Identity Manager will be updated. The tool used to set up the synchronization is Identity Manager Admin. The batch synchronization can also be started manually from Identity Manager Operator. Read more here: section "View status of batch job" in Set up scheduled jobs in Identity Manager.

Expand/Collapse All


Step-by-step instruction for the administrator

  1. Log in to Identity Manager Admin with your administrator account.

To set up scheduling of the synchronization:

  1. In Identity Manager Admin, go to Home > Batch Synchronization.
  2. Select Synchronize inactive LDAP Users to Identity Manager.
  3. To adjust the scheduler, type the appropriate cron expression in Expression to schedule the job.
  4. Click Save.

To see this update in Identity Manager Operator, you must click Clear cache in the Identity Manager Operator UI.

Use case details

Use case description

As an administrator I want to sync inactive users via LDAP connection to Identity Manager

  • User is created in Identity Manager if the user does not exist
  • End state for user = "inactive"
  • End state for related credentials = "inactive"/"locked", see details below
  • End state for related certificates = "on hold"/"revoked", see details below
  • The relation from user to credentials still exists
  • All roles for the user are withdrawn
Related credentialsCredentials - end stateCertificates - end state
Card and related certificatesinactiveon hold
Temporary card and related certificateslockedrevoked
Virtual smart card and related certificatesinactiveon hold
Mobile ID and related certificatesinactiveon hold
Soft token and related certificatesinactiveon hold
Symbolic name


Process nameSynchronize inactive LDAP Users to Identity Manager
ComponentIdentity Manager Admin
Process startBatch synchronization
Executable forAdministrator


There are no options for this use case.

Use case scenarios

  • An operator wants to synchronize inactive users from LDAP into Identity Manager

Related information