Sync Engine - Populating a target with a DN, based on source SamAccountName

Question

Hi. I'm looking to set up an update activity in One Identity Sync Engine that does the following: 
 Source record: SQL database entry, containing a computer name and an owner SAMAccountName 
 Target: mapped computer object in AD: 
 Forward sync rule: using the SAMAccountname in the SQL record find the DN, and write it to the ManagedBy field in the computer object. 
 The question is: how can this be done simply, without using a Get-QADUser PowerShell command in the forward sync rule? 
 I have a sample script that would perform a Get-QADuser, and return the DN. But that's really expensive. 
 There are thousands of records to update, and this would be really costly. 
 Is there a more elegant to do a lookup that would not require a get-qaduser query for every entry? 
 Thanks,

Terrance.Crombie · Answer

If you only have the samAccountName and need the DN, then it will be necessary to perform a lookup against the directory. I don't know if your sample script takes advantage of it, but there are several ways to make a Get-QADUser request more efficient. 
 
I would suggest leveraging both the -samAccountName parameter as well as the -DontUseDefaultIncludedProperties parameter.