Click HERE to see how Saviynt Intelligence is transforming the industry. |
06/26/2024 05:28 AM - edited 06/26/2024 05:29 AM
We have an issue while creating a duplicate account in AD.
Fresh user account is getting created in the OU but the issue is when we try to create one more account with the same firstname and lastname in the same OU but with different email and samaccountname.
Below is the Accountname rule:
CN=${user.lastname+'\\, '+user.firstname},${if(user.employeeType.equals('Contractor')){user.customproperty10} else if (user.employeeType.equals('RETAIL')) {'OU='+user.customproperty10+',OU=Retail,DC=local'}}###CN=${user.lastname+'1'+'\\, '+user.firstname},${if(user.employeeType.equals('Contractor')){user.customproperty10} else if (user.employeeType.equals('RETAIL')) {'OU='+user.customproperty10+',OU=Retail,DC=local'}}###CN=${user.lastname+'2'+'\\, '+user.firstname},${if(user.employeeType.equals('Contractor')){user.customproperty10} else if (user.employeeType.equals('RETAIL')) {'OU='+user.customproperty10+',OU=Retail,DC=local'}}
The error we are getting is:
Even though the account is active in AD with useraccountcontrol set to 512.
06/26/2024 05:38 AM
@Shubhamjain27 Did you configure the CHECKFORUNIQUENESS in connection?
06/26/2024 05:46 AM - edited 06/26/2024 05:49 AM
No, I did not.
If i am already setting up the accountname rule to check if the first already exists, use another.
Just for DN do I need checkforuniqueness attribute?
And in the comments, it says inactive account alreeady exists which is an active account in AD
06/26/2024 05:52 AM
Hi @Shubhamjain27 , can you mark reuseinactiveaccount to "FALSE"
06/26/2024 06:00 AM
Its working but not sure why the account is getting created as inactive. Below is the createjson:
{
"accountExpires": "0",
"c": "US",
"cn": "${cn}",
"co": "United States",
"company": "",
"department": "${user.departmentname!=null?user.departmentname:''}",
"description": "${user.title != null && user.departmentname!= null && user.customproperty28 == null ?user.title+' - '+user.departmentname: user.customproperty28}",
"displayname": "${user.displayname != null ? user.displayname : user.lastname + ', '+ user.firstname}",
"employeeID": "${user.username}",
"employeeType": "${user.employeeType != null ? user.employeeType : ''}",
"extensionAttribute1": "${user.customproperty19!=null?user.customproperty19:''}",
"extensionAttribute14": "",
"extensionAttribute2": "${user.customproperty18!=null?user.customproperty18:''}",
"extensionAttribute3": "${user.username!=null?'A'+user.username:''}",
"extensionAttribute4": "X",
"extensionAttribute5": "2",
"extensionAttribute6": "LOCL",
"extensionAttribute7": "G",
"extensionAttribute8": "BUK-1000",
"extensionAttribute9": "${user.customproperty11!=null?user.customproperty11:''}",
"extensionAttribute10": "ZW10T",
"extensionAttribute11": "QE1CLNT100",
"extensionAttribute12": "ER1CLNT100",
"extensionAttribute13": "${user.customproperty12!=null?user.customproperty12:''}",
"manager": "${ if (managerAccount == null || managerAccount?.accountID == null || managerAccount?.accountID == '' ){''} else {managerAccount?.accountID} }",
"facsimileTelephoneNumber": "${user.customproperty14 != null ? user.customproperty14 : ''}",
"givenName": "${user.firstname!=null?user.firstname:''}",
"l": "${user.city != null ? user.city : ''}",
"mail": "${user.email != null ? user.email : ''}",
"mailNickname": "${user.systemUserName}",
"name": "${user.displayname != null ? user.displayname : user.lastname + ', '+ user.firstname}",
"objectClass": [
"top",
"person",
"organizationalPerson",
"user"
],
"physicalDeliveryOfficeName": "${user.location!=null?user.location:''}",
"postalCode": "${user.regioncode!=null?user.regioncode:''}",
"sAMAccountName": "${user.systemUserName}",
"sn": "${user.lastname}",
"st": "${user.state != null ? user.state : ''}",
"streetAddress": "${user.street!=null?user.street:''}",
"telephoneNumber": "${user.customproperty13 != null ? user.customproperty13 : ''}",
"title": "${user.title!=null?user.title:''}",
"userAccountControl": "512",
"pwdLastSet": "0",
"userPrincipalName": "${user.systemUserName+'@mybobstest.com'}",
"wDCostCenterID": "${user.costcenter!=null?user.costcenter:''}",
"wDHomeCellPhone": "${user.phonenumber!=null?user.phonenumber:''}",
"wDjobCode": "${user.jobCode!=null?user.jobCode:''}",
"wdJobFam": "${user.customproperty7!=null?user.customproperty7:''}",
"wdJobFamGrp": "${user.customproperty6!=null?user.customproperty6:''}",
"wDWorkCellPhone": "${user.secondaryPhone!=null?user.secondaryPhone:''}",
"extUISponsor": "${if (user.employeeType.equals('Contractor')){user.owner} else ''}",
"extUserCompany": "${if (user.employeeType.equals('Contractor')){user.companyname} else ''}",
"extUserEmailAddress": "${if (user.employeeType.equals('Contractor')){user.customproperty26} else ''}",
"proxyAddresses":"${'SMTP:' + user.email}"
}
Also we are not deleting the account for termination and only inactivating them. Later we are going to have rehires if we turn on the config, it will create a new account right?
We dont want that to happen in rehire.
06/26/2024 07:28 AM
@Shubhamjain27 after marking it false did it work ..is that what you are stating?
06/27/2024 07:53 AM
That is correct. Its working after making it false.
The question is : We are mapping useraccountcontrol as 512 for new accounts, but then why AD is taking them as inactive accounts?
06/27/2024 07:57 AM - edited 06/27/2024 08:00 AM
@Shubhamjain27 , can you share create account json
06/27/2024 08:27 AM
{
"accountExpires": "0",
"c": "US",
"cn": "${cn}",
"co": "United States",
"company": "",
"department": "${user.departmentname!=null?user.departmentname:''}",
"description": "${user.title != null && user.departmentname!= null && user.customproperty28 == null ?user.title+' - '+user.departmentname: user.customproperty28}",
"displayname": "${user.displayname != null ? user.displayname : user.lastname + ', '+ user.firstname}",
"employeeID": "${user.username}",
"employeeType": "${user.employeeType != null ? user.employeeType : ''}",
"extensionAttribute1": "${user.customproperty19!=null?user.customproperty19:''}",
"extensionAttribute14": "",
"extensionAttribute2": "${user.customproperty18!=null?user.customproperty18:''}",
"extensionAttribute3": "${user.username!=null?'A'+user.username:''}",
"extensionAttribute4": "X",
"extensionAttribute5": "2",
"extensionAttribute6": "LOCL",
"extensionAttribute7": "G",
"extensionAttribute8": "BUK-1000",
"extensionAttribute9": "${user.customproperty11!=null?user.customproperty11:''}",
"extensionAttribute10": "ZW10T",
"extensionAttribute11": "QE1CLNT100",
"extensionAttribute12": "ER1CLNT100",
"extensionAttribute13": "${user.customproperty12!=null?user.customproperty12:''}",
"manager": "${ if (managerAccount == null || managerAccount?.accountID == null || managerAccount?.accountID == '' ){''} else {managerAccount?.accountID} }",
"facsimileTelephoneNumber": "${user.customproperty14 != null ? user.customproperty14 : ''}",
"givenName": "${user.firstname!=null?user.firstname:''}",
"l": "${user.city != null ? user.city : ''}",
"mail": "${user.email != null ? user.email : ''}",
"mailNickname": "${user.systemUserName}",
"name": "${user.displayname != null ? user.displayname : user.lastname + ', '+ user.firstname}",
"objectClass": [
"top",
"person",
"organizationalPerson",
"user"
],
"physicalDeliveryOfficeName": "${user.location!=null?user.location:''}",
"postalCode": "${user.regioncode!=null?user.regioncode:''}",
"sAMAccountName": "${user.systemUserName}",
"sn": "${user.lastname}",
"st": "${user.state != null ? user.state : ''}",
"streetAddress": "${user.street!=null?user.street:''}",
"telephoneNumber": "${user.customproperty13 != null ? user.customproperty13 : ''}",
"title": "${user.title!=null?user.title:''}",
"userAccountControl": "512",
"pwdLastSet": "0",
"userPrincipalName": "${user.systemUserName+'@mybobstest.com'}",
"wDCostCenterID": "${user.costcenter!=null?user.costcenter:''}",
"wDHomeCellPhone": "${user.phonenumber!=null?user.phonenumber:''}",
"wDjobCode": "${user.jobCode!=null?user.jobCode:''}",
"wdJobFam": "${user.customproperty7!=null?user.customproperty7:''}",
"wdJobFamGrp": "${user.customproperty6!=null?user.customproperty6:''}",
"wDWorkCellPhone": "${user.secondaryPhone!=null?user.secondaryPhone:''}",
"extUISponsor": "${if (user.employeeType.equals('Contractor')){user.owner} else ''}",
"extUserCompany": "${if (user.employeeType.equals('Contractor')){user.companyname} else ''}",
"extUserEmailAddress": "${if (user.employeeType.equals('Contractor')){user.customproperty26} else ''}",
"proxyAddresses":"${'SMTP:' + user.email}"
}
06/27/2024 10:13 AM
{
"accountExpires": "0",
"c": "US",
"cn": "${cn}",
"co": "United States",
"department": "${user.departmentname != null ? user.departmentname : ''}",
"description": "${user.title != null && user.departmentname != null && user.customproperty28 == null ? user.title + ' - ' + user.departmentname : user.customproperty28}",
"displayName": "${user.displayname != null ? user.displayname : user.lastname + ', ' + user.firstname}",
"employeeID": "${user.username}",
"employeeType": "${user.employeeType != null ? user.employeeType : ''}",
"extensionAttribute1": "${user.customproperty19 != null ? user.customproperty19 : ''}",
"extensionAttribute2": "${user.customproperty18 != null ? user.customproperty18 : ''}",
"extensionAttribute3": "${user.username != null ? 'A' + user.username : ''}",
"extensionAttribute9": "${user.customproperty11 != null ? user.customproperty11 : ''}",
"extensionAttribute13": "${user.customproperty12 != null ? user.customproperty12 : ''}",
"manager": "${managerAccount?.accountID != null ? managerAccount.accountID : ''}",
"givenName": "${user.firstname != null ? user.firstname : ''}",
"l": "${user.city != null ? user.city : ''}",
"mail": "${user.email != null ? user.email : ''}",
"mailNickname": "${user.systemUserName}",
"name": "${user.displayname != null ? user.displayname : user.lastname + ', ' + user.firstname}",
"objectClass": [
"top",
"person",
"organizationalPerson",
"user"
],
"physicalDeliveryOfficeName": "${user.location != null ? user.location : ''}",
"postalCode": "${user.regioncode != null ? user.regioncode : ''}",
"sAMAccountName": "${user.systemUserName}",
"sn": "${user.lastname}",
"st": "${user.state != null ? user.state : ''}",
"streetAddress": "${user.street != null ? user.street : ''}",
"telephoneNumber": "${user.customproperty13 != null ? user.customproperty13 : ''}",
"title": "${user.title != null ? user.title : ''}",
"userAccountControl": "512",
"userPrincipalName": "${user.systemUserName + '@mybobstest.com'}",
"wDCostCenterID": "${user.costcenter != null ? user.costcenter : ''}",
"wDHomeCellPhone": "${user.phonenumber != null ? user.phonenumber : ''}",
"wDjobCode": "${user.jobCode != null ? user.jobCode : ''}",
"wdJobFam": "${user.customproperty7 != null ? user.customproperty7 : ''}",
"wdJobFamGrp": "${user.customproperty6 != null ? user.customproperty6 : ''}",
"wDWorkCellPhone": "${user.secondaryPhone != null ? user.secondaryPhone : ''}",
"extUISponsor": "${user.employeeType == 'Contractor' ? user.owner : ''}",
"extUserCompany": "${user.employeeType == 'Contractor' ? user.companyname : ''}",
"extUserEmailAddress": "${user.employeeType == 'Contractor' ? user.customproperty26 : ''}",
"proxyAddresses": "${'SMTP:' + user.email}"
}
06/28/2024 12:57 AM
Is it because of "pwdLastSet": "0",?
06/28/2024 08:33 PM
Yes is it resolved?
07/03/2024 03:02 AM
No, it is still the same
07/03/2024 09:27 PM
Share logs