Saviynt Forums

Community_User · ‎04/12/2022

Originally posted on October 14 2020 at 09:38 UTC

I would like to create AD connection for admin account.

Below is Create Account JSON, I am getting invalid argument error.

Basically, samaccountname will be systemusername-1

UPN will be systemusername-1@company.com

Could you please check what's the issue?

{

"accountExpires": "0",

"description": "${user.displayname!=null?'Admin account for '+user.displayname:''}",

"displayName": "${user.customproperty17!=null?'Admin account for '+user.customproperty17:''}",

"employeeID": "${user.employeeid != null ? user.employeeid : ''}",

"employeeType": "${user.employeeType != null ? user.employeeType : ''}",

"givenName": "${user.preferedFirstName!=null?user.preferedFirstName:''}",

"objectClass": ["top", "person", "organizationalPerson", "user"],

"sAMAccountName": "${user.systemUserName}+'-1'",

"sn": "${user.customproperty3}",

"userAccountControl": "512",

"userPrincipalName": "${user.systemUserName}+'-1@company.com'",

"extensionAttribute10": "${user.email}"

}

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.

Community_User · ‎04/12/2022

Originally posted on October 14 2020 at 10:08 UTC

I think you need to provide the cn attribute in the CreatAccountJSON. Check AD connector guide samples in Freshdesk.

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.

Community_User · ‎04/12/2022

Originally posted on October 14 2020 at 10:23 UTC

Thank you. I added CN in the JSON but still getting same error

{

"accountExpires": "0",

"cn": "${user.systemUserName}+'-1'",

"description": "${user.displayname!=null?'Admin account for '+user.displayname:''}",

"displayName": "${user.customproperty17!=null?'Admin account for '+user.customproperty17:''}",

"employeeID": "${user.employeeid != null ? user.employeeid : ''}",

"employeeType": "${user.employeeType != null ? user.employeeType : ''}",

"givenName": "${user.preferedFirstName!=null?user.preferedFirstName:''}",

"objectClass": ["top", "person", "organizationalPerson", "user"],

"sAMAccountName": "${user.systemUserName}+'-1'",

"sn": "${user.customproperty3}",

"userAccountControl": "512",

"userPrincipalName": "${user.systemUserName}+'-1@company.com'",

"extensionAttribute10": "${user.email}"

}

Error while creating account in AD - [LDAP: error code 80 - 00000523: SysErr: DSID-031A124A, problem 22 (Invalid argument), data 0 ]

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.

Community_User · ‎04/12/2022

Originally posted on October 14 2020 at 10:46 UTC

Problem resolved

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.

Community_User · ‎04/12/2022

Originally posted on December 20 2021 at 10:18 UTC

HOw did the Issue resolve? I have the similar Issue

Error while creating account in AD - [LDAP: error code 80 - 00000523: SysErr: DSID-031A12C8, problem 22 (Invalid argument),

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.

Community_User · ‎04/12/2022

Originally posted on December 20 2021 at 20:44 UTC

Andy,

Based on the JSON shared above, I do not think you can pass the userAccountControl to Active Directory at the time of creation.

Active Direcory will determine the UAC once the account is created.

If this is not your issue, please check the logs that might help determine the root cause.

Rgards,

Avinash Chhetri

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.