Proofpoint TPAD01 Exam - Topic 2 Question 2 Discussion

In Proofpoint user import and authentication profile configuration, the primary key should be set to a stable identity attribute that does not change when a user's display name or email address changes. Proofpoint's LDAP import guidance specifically points administrators toward using UID as the primary key. That matters in exactly the scenario described here: when a person changes their name and therefore receives a new email address, using the email address itself as the primary key would make the import process treat the updated record as if it might be a different user. By contrast, using a stable directory attribute such as uid allows Proofpoint to associate the updated email address with the same underlying user object. Setting the primary key to a full name would be unreliable because names can change and may not be unique. Keeping the old email address as the key defeats the purpose of matching the updated identity. Using the new email address as the key still makes the key dependent on a mutable attribute. The course's User Management section emphasizes directory sync and import behavior, and the support guidance for importing users and groups from LDAP/AD explicitly references UID as the primary key mapping to use for this kind of identity continuity. Therefore, the correct answer is to change the primary key to match the uid attribute.