
AccountName rule issue for AD - not creating a new account with the same name

Shubhamjain27
Regular Contributor II

We have an issue while creating a duplicate account in AD.

A fresh user account is getting created in the OU, but the issue is when we try to create one more account with the same firstname and lastname in the same OU but with a different email and samaccountname.

Below is the Accountname rule:

CN=${user.lastname+'\\, '+user.firstname},${if(user.employeeType.equals('Contractor')){user.customproperty10} else if (user.employeeType.equals('RETAIL')) {'OU='+user.customproperty10+',OU=Retail,DC=local'}}###CN=${user.lastname+'1'+'\\, '+user.firstname},${if(user.employeeType.equals('Contractor')){user.customproperty10} else if (user.employeeType.equals('RETAIL')) {'OU='+user.customproperty10+',OU=Retail,DC=local'}}###CN=${user.lastname+'2'+'\\, '+user.firstname},${if(user.employeeType.equals('Contractor')){user.customproperty10} else if (user.employeeType.equals('RETAIL')) {'OU='+user.customproperty10+',OU=Retail,DC=local'}}

 

The error we are getting is:

[Image: Shubhamjain27_0-1719404886301.png]

Even though the account is active in AD with useraccountcontrol set to 512.

13 REPLIES

SumathiSomala
All-Star

@Shubhamjain27 Did you configure CHECKFORUNIQUENESS in the connection?

 

Regards,
Sumathi Somala

If this reply answered your question, please Accept As Solution and give Kudos.

No, I did not. 

If I am already setting up the accountname rule to check if the first already exists, use another.

Just for DN, do I need the checkforuniqueness attribute?

And in the comments, it says an inactive account already exists, which is an active account in AD.

NM
Honored Contributor II

Hi @Shubhamjain27, can you mark reuseinactiveaccount to "FALSE"?

Shubhamjain27
Regular Contributor II

It's working, but not sure why the account is getting created as inactive. Below is the createjson:

{
"accountExpires": "0",
"c": "US",
"cn": "${cn}",
"co": "United States",
"company": "",
"department": "${user.departmentname!=null?user.departmentname:''}",
"description": "${user.title != null && user.departmentname!= null && user.customproperty28 == null ?user.title+' - '+user.departmentname: user.customproperty28}",
"displayname": "${user.displayname != null ? user.displayname : user.lastname + ', '+ user.firstname}",
"employeeID": "${user.username}",
"employeeType": "${user.employeeType != null ? user.employeeType : ''}",
"extensionAttribute1": "${user.customproperty19!=null?user.customproperty19:''}",
"extensionAttribute14": "",
"extensionAttribute2": "${user.customproperty18!=null?user.customproperty18:''}",
"extensionAttribute3": "${user.username!=null?'A'+user.username:''}",
"extensionAttribute4": "X",
"extensionAttribute5": "2",
"extensionAttribute6": "LOCL",
"extensionAttribute7": "G",
"extensionAttribute8": "BUK-1000",
"extensionAttribute9": "${user.customproperty11!=null?user.customproperty11:''}",
"extensionAttribute10": "ZW10T",
"extensionAttribute11": "QE1CLNT100",
"extensionAttribute12": "ER1CLNT100",
"extensionAttribute13": "${user.customproperty12!=null?user.customproperty12:''}",
"manager": "${ if (managerAccount == null || managerAccount?.accountID == null || managerAccount?.accountID == '' ){''} else {managerAccount?.accountID} }",
"facsimileTelephoneNumber": "${user.customproperty14 != null ? user.customproperty14 : ''}",
"givenName": "${user.firstname!=null?user.firstname:''}",
"l": "${user.city != null ? user.city : ''}",
"mail": "${user.email != null ? user.email : ''}",
"mailNickname": "${user.systemUserName}",
"name": "${user.displayname != null ? user.displayname : user.lastname + ', '+ user.firstname}",
"objectClass": [
"top",
"person",
"organizationalPerson",
"user"
],
"physicalDeliveryOfficeName": "${user.location!=null?user.location:''}",
"postalCode": "${user.regioncode!=null?user.regioncode:''}",
"sAMAccountName": "${user.systemUserName}",
"sn": "${user.lastname}",
"st": "${user.state != null ? user.state : ''}",
"streetAddress": "${user.street!=null?user.street:''}",
"telephoneNumber": "${user.customproperty13 != null ? user.customproperty13 : ''}",
"title": "${user.title!=null?user.title:''}",
"userAccountControl": "512",
"pwdLastSet": "0",
"userPrincipalName": "${user.systemUserName+'@mybobstest.com'}",
"wDCostCenterID": "${user.costcenter!=null?user.costcenter:''}",
"wDHomeCellPhone": "${user.phonenumber!=null?user.phonenumber:''}",
"wDjobCode": "${user.jobCode!=null?user.jobCode:''}",
"wdJobFam": "${user.customproperty7!=null?user.customproperty7:''}",
"wdJobFamGrp": "${user.customproperty6!=null?user.customproperty6:''}",
"wDWorkCellPhone": "${user.secondaryPhone!=null?user.secondaryPhone:''}",
"extUISponsor": "${if (user.employeeType.equals('Contractor')){user.owner} else ''}",
"extUserCompany": "${if (user.employeeType.equals('Contractor')){user.companyname} else ''}",
"extUserEmailAddress": "${if (user.employeeType.equals('Contractor')){user.customproperty26} else ''}",
"proxyAddresses":"${'SMTP:' + user.email}"

}

 

Also, we are not deleting the accounts on termination, only inactivating them. Later we are going to have rehires; if we turn on the config, it will create a new account, right?

We don't want that to happen on rehire.

NM
Honored Contributor II

@Shubhamjain27 after marking it false, did it work? Is that what you are stating?

Shubhamjain27
Regular Contributor II

That is correct. It's working after making it false.

The question is: we are mapping useraccountcontrol as 512 for new accounts, but then why is AD taking them as inactive accounts?
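Added example, not part of the original thread and not Saviynt code: the sketch below decodes the two attributes this question turns on. In userAccountControl, 512 is NORMAL_ACCOUNT with the ACCOUNTDISABLE bit (2) clear, and pwdLastSet 0 means the user must change the password at next logon. The directory entries are constructed sample data, and the DN check is a simplified case-insensitive string match.

```python
# Added illustration: decode the AD attributes this thread asks about.
# Flag values are the documented userAccountControl bits; the entries
# in SAMPLE are constructed, not taken from the poster's directory.
UAC_FLAGS = {
    0x0002: "ACCOUNTDISABLE",
    0x0010: "LOCKOUT",
    0x0020: "PASSWD_NOTREQD",
    0x0200: "NORMAL_ACCOUNT",
    0x10000: "DONT_EXPIRE_PASSWORD",
    0x800000: "PASSWORD_EXPIRED",
}
NEVER_EXPIRES = {0, 0x7FFFFFFFFFFFFFFF}  # both mean "no expiry" in AD


def decode_uac(value):
    """Names of the known flags set in a userAccountControl value."""
    value = int(value)  # LDAP and the createjson carry it as a string
    return [name for bit, name in sorted(UAC_FLAGS.items()) if value & bit]


def account_state(entry):
    """Summarise how AD itself sees one entry."""
    flags = decode_uac(entry["userAccountControl"])
    return {
        "flags": flags,
        "enabled": "ACCOUNTDISABLE" not in flags,
        "must_change_password": int(entry["pwdLastSet"]) == 0,
        "expires": int(entry["accountExpires"]) not in NEVER_EXPIRES,
    }


def dn_taken(entries, candidate_dn):
    """True if an entry already holds this DN (simplified: case-folded match)."""
    return any(e["dn"].casefold() == candidate_dn.casefold() for e in entries)


SAMPLE = [  # constructed entries
    {"dn": "CN=Doe\\, John,OU=Store01,OU=Retail,DC=local",
     "userAccountControl": "512", "pwdLastSet": "0", "accountExpires": "0"},
    {"dn": "CN=Doe1\\, John,OU=Store01,OU=Retail,DC=local",
     "userAccountControl": "514", "pwdLastSet": "133640000000000000",
     "accountExpires": "9223372036854775807"},
]

if __name__ == "__main__":
    for e in SAMPLE:
        print(e["dn"], account_state(e))
    # Same first and last name in the same OU collides on DN, whatever the
    # sAMAccountName or mail, so the rule must fall through to its next CN.
    print(dn_taken(SAMPLE, "cn=doe\\, john,ou=store01,ou=retail,dc=local"))
```

Comparing the decoded value read back from AD with the status shown in the IGA tool separates a directory-side disable from a status-mapping question on the import side.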

NM
Honored Contributor II

@Shubhamjain27, can you share the create account JSON?

 

Shubhamjain27
Regular Contributor II

{
"accountExpires": "0",
"c": "US",
"cn": "${cn}",
"co": "United States",
"company": "",
"department": "${user.departmentname!=null?user.departmentname:''}",
"description": "${user.title != null && user.departmentname!= null && user.customproperty28 == null ?user.title+' - '+user.departmentname: user.customproperty28}",
"displayname": "${user.displayname != null ? user.displayname : user.lastname + ', '+ user.firstname}",
"employeeID": "${user.username}",
"employeeType": "${user.employeeType != null ? user.employeeType : ''}",
"extensionAttribute1": "${user.customproperty19!=null?user.customproperty19:''}",
"extensionAttribute14": "",
"extensionAttribute2": "${user.customproperty18!=null?user.customproperty18:''}",
"extensionAttribute3": "${user.username!=null?'A'+user.username:''}",
"extensionAttribute4": "X",
"extensionAttribute5": "2",
"extensionAttribute6": "LOCL",
"extensionAttribute7": "G",
"extensionAttribute8": "BUK-1000",
"extensionAttribute9": "${user.customproperty11!=null?user.customproperty11:''}",
"extensionAttribute10": "ZW10T",
"extensionAttribute11": "QE1CLNT100",
"extensionAttribute12": "ER1CLNT100",
"extensionAttribute13": "${user.customproperty12!=null?user.customproperty12:''}",
"manager": "${ if (managerAccount == null || managerAccount?.accountID == null || managerAccount?.accountID == '' ){''} else {managerAccount?.accountID} }",
"facsimileTelephoneNumber": "${user.customproperty14 != null ? user.customproperty14 : ''}",
"givenName": "${user.firstname!=null?user.firstname:''}",
"l": "${user.city != null ? user.city : ''}",
"mail": "${user.email != null ? user.email : ''}",
"mailNickname": "${user.systemUserName}",
"name": "${user.displayname != null ? user.displayname : user.lastname + ', '+ user.firstname}",
"objectClass": [
"top",
"person",
"organizationalPerson",
"user"
],
"physicalDeliveryOfficeName": "${user.location!=null?user.location:''}",
"postalCode": "${user.regioncode!=null?user.regioncode:''}",
"sAMAccountName": "${user.systemUserName}",
"sn": "${user.lastname}",
"st": "${user.state != null ? user.state : ''}",
"streetAddress": "${user.street!=null?user.street:''}",
"telephoneNumber": "${user.customproperty13 != null ? user.customproperty13 : ''}",
"title": "${user.title!=null?user.title:''}",
"userAccountControl": "512",
"pwdLastSet": "0",
"userPrincipalName": "${user.systemUserName+'@mybobstest.com'}",
"wDCostCenterID": "${user.costcenter!=null?user.costcenter:''}",
"wDHomeCellPhone": "${user.phonenumber!=null?user.phonenumber:''}",
"wDjobCode": "${user.jobCode!=null?user.jobCode:''}",
"wdJobFam": "${user.customproperty7!=null?user.customproperty7:''}",
"wdJobFamGrp": "${user.customproperty6!=null?user.customproperty6:''}",
"wDWorkCellPhone": "${user.secondaryPhone!=null?user.secondaryPhone:''}",
"extUISponsor": "${if (user.employeeType.equals('Contractor')){user.owner} else ''}",
"extUserCompany": "${if (user.employeeType.equals('Contractor')){user.companyname} else ''}",
"extUserEmailAddress": "${if (user.employeeType.equals('Contractor')){user.customproperty26} else ''}",
"proxyAddresses":"${'SMTP:' + user.email}"

}

{
  "accountExpires": "0",
  "c": "US",
  "cn": "${cn}",
  "co": "United States",
  "department": "${user.departmentname != null ? user.departmentname : ''}",
  "description": "${user.title != null && user.departmentname != null && user.customproperty28 == null ? user.title + ' - ' + user.departmentname : user.customproperty28}",
  "displayName": "${user.displayname != null ? user.displayname : user.lastname + ', ' + user.firstname}",
  "employeeID": "${user.username}",
  "employeeType": "${user.employeeType != null ? user.employeeType : ''}",
  "extensionAttribute1": "${user.customproperty19 != null ? user.customproperty19 : ''}",
  "extensionAttribute2": "${user.customproperty18 != null ? user.customproperty18 : ''}",
  "extensionAttribute3": "${user.username != null ? 'A' + user.username : ''}",
  "extensionAttribute9": "${user.customproperty11 != null ? user.customproperty11 : ''}",
  "extensionAttribute13": "${user.customproperty12 != null ? user.customproperty12 : ''}",
  "manager": "${managerAccount?.accountID != null ? managerAccount.accountID : ''}",
  "givenName": "${user.firstname != null ? user.firstname : ''}",
  "l": "${user.city != null ? user.city : ''}",
  "mail": "${user.email != null ? user.email : ''}",
  "mailNickname": "${user.systemUserName}",
  "name": "${user.displayname != null ? user.displayname : user.lastname + ', ' + user.firstname}",
  "objectClass": [
    "top",
    "person",
    "organizationalPerson",
    "user"
  ],
  "physicalDeliveryOfficeName": "${user.location != null ? user.location : ''}",
  "postalCode": "${user.regioncode != null ? user.regioncode : ''}",
  "sAMAccountName": "${user.systemUserName}",
  "sn": "${user.lastname}",
  "st": "${user.state != null ? user.state : ''}",
  "streetAddress": "${user.street != null ? user.street : ''}",
  "telephoneNumber": "${user.customproperty13 != null ? user.customproperty13 : ''}",
  "title": "${user.title != null ? user.title : ''}",
  "userAccountControl": "512",
  "userPrincipalName": "${user.systemUserName + '@mybobstest.com'}",
  "wDCostCenterID": "${user.costcenter != null ? user.costcenter : ''}",
  "wDHomeCellPhone": "${user.phonenumber != null ? user.phonenumber : ''}",
  "wDjobCode": "${user.jobCode != null ? user.jobCode : ''}",
  "wdJobFam": "${user.customproperty7 != null ? user.customproperty7 : ''}",
  "wdJobFamGrp": "${user.customproperty6 != null ? user.customproperty6 : ''}",
  "wDWorkCellPhone": "${user.secondaryPhone != null ? user.secondaryPhone : ''}",
  "extUISponsor": "${user.employeeType == 'Contractor' ? user.owner : ''}",
  "extUserCompany": "${user.employeeType == 'Contractor' ? user.companyname : ''}",
  "extUserEmailAddress": "${user.employeeType == 'Contractor' ? user.customproperty26 : ''}",
  "proxyAddresses": "${'SMTP:' + user.email}"
}

Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

Shubhamjain27
Regular Contributor II

Is it because of "pwdLastSet": "0",?

Yes, is it resolved?


Regards,
Rushikesh Vartak

No, it is still the same

Share logs


Regards,
Rushikesh Vartak