This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

AD accounts ending in "-da" failing to update

ZA
New Contributor III
New Contributor III

‎09/11/2023 09:03 AM

Hello,

We use secondary privileged accounts for domain admins. The task to update the primary account such as jdoe is successful, but when I create an update account task for jdoe-da, i get the error message below.

 

SAV-Error while updating account,Could not find a unique saMAccountName to provision SAV-Error while updating account,Could not find a unique saMAccountName to provision
 
 
This happens with all "-da" accounts, not just this account. The account does exist in the endpoint accounts tab and directly in AD.
 
Additional log info:
2023-09-08 15:31:35,569 [quartzScheduler_Worker-5] DEBUG services.ArsTaskService - Validating tasks for Securitysystem - Prod AD
2023-09-08 15:31:35,571 [quartzScheduler_Worker-5] DEBUG services.ArsTaskService - includeinactiveusersandacc = false
2023-09-08 15:31:35,576 [quartzScheduler_Worker-5] DEBUG services.ArsTaskService - Key has Accounts
2023-09-08 15:31:35,579 [quartzScheduler_Worker-5] DEBUG services.ArsTaskService - accountName = jdoe-da , taskType = 12 accountkey = 62534323

2023-09-08 15:31:40,926 [quartzScheduler_Worker-5] DEBUG ldap.SaviyntGroovyLdapService - UpdateAccount - Binding map is..[ServiceAccountOwnerMap:[:],task:com.saviynt.ecm.task.ArsTasks : 7821024,manager:327626,user:377631,account:jdoe-da,managerAccount:OKana,]
2023-09-08 15:31:40,926 [quartzScheduler_Worker-5] DEBUG ldap.SaviyntGroovyLdapService - Enter isADConnection
2023-09-08 15:31:40,926 [quartzScheduler_Worker-5] DEBUG ldap.SaviyntGroovyLdapService - External connection is :: Prod AD
2023-09-08 15:31:40,927 [quartzScheduler_Worker-5] DEBUG ldap.SaviyntGroovyLdapService - isadconnection = true
2023-09-08 15:31:40,927 [quartzScheduler_Worker-5] DEBUG ldap.SaviyntGroovyLdapService - Exit isADConnection
 
 
 
Labels:
0 Kudos
1 REPLY 1

Darshanjain
Saviynt Employee
Saviynt Employee

‎09/13/2023 05:00 AM

Hi @ZA 

Can you paste the log lines when there is error when its trying to find the samaccountname. Also this looks more of issue than a new implementation. You can raise a FD ticket as well on this so that we can check around the logs and see whats the issue around.

Also these accounts ( -da ) were created from saviynt or only pulled via target. Also check on the domain ( OU ), it looks like with accountname its not finding any account in target.

 

 

Thanks

Darshan 

0 Kudos
Copyright © 2023 Khoros, LLC