Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.

AD Enable Account fails with LDAP Error Code 80

KarthikaMoorti
New Contributor
New Contributor

Hi,

We are facing issue while trying to enable AD account.

SAV-Error while enabling account,[LDAP: error code 80 - 00002089: UpdErr: DSID-031B0E6F, problem 5012 (DIR_ERROR), data 3 ]

We validated that the account is moved and data is set as expected but getting error in Saviynt.

4 REPLIES 4

rushikeshvartak
All-Star
All-Star

Please share json


Regards,
Rushikesh Vartak
If you find this response useful, kindly consider selecting 'Accept As Solution' and clicking on the 'Kudos' button.

KarthikaMoorti
New Contributor
New Contributor

Hi Rushikesh,

Below is the Enable Account JSON query we used in AD connector.

{
"USEDNFROMACCOUNT": "YES",
"MOVEDN": "YES",
"REMOVEGROUPS": "NO",
"ENABLEACCOUNTOU": "${if(user.employeeType?.equals('Employee')){user.orgunitid} else if((user.employeeType?.equals('Contractor')) && (user.jobCode?.equals(''))){''} else if(user.employeeType?.equals('Contractor')){''} else if(user.employeeType?.equals('Medical Director')){user.customproperty23} else if (user.employeeType?.equals('Corporate Contractor')){''}}",
"AFTERMOVEACTIONS": {
"userAccountControl": "544",
"accountExpires": "0",
"displayName": "${user.displayname}",
"givenName": "${user.firstname}",
"sn": "${user.lastname}",
"ID-PeopleSoft": "${if(user.employeeType?.equals('Employee')) {user.employeeid} else ''}",
"employeeID": "${user.employeeid}",
"employeeType": "${user.job_function}",
"description": "${if(user.employeeType?.equals('Employee')) {user.jobCode} else if(user.employeeType?.equals('Contractor')) {user.customproperty21}else if(user.employeeType?.equals('Medical Director')) {user.customproperty22}}",
"manager": "${managerAccount?.accountID}",
"company": "${user.companyname}",
"title": "${user.jobcodedesc}",
"department": "${user.departmentNumber}",
"l": "${user.city}",
"st": "${user.state}",
"streetAddress": "${user.street}",
"postalCode": "${user.customproperty5}",
"physicalDeliveryOfficeName": "${if(user.employeeType?.equals('Employee')){user.locationdesc} else {user.locationnumber}}",
"amedJobStatus": "${user.job_function}",
"amedJobFamily": "${user.customproperty7}",
"AMED-POD": "${user.customproperty6}",
"AMED-Region": "${user.region}",
"AMED-Location": "${user.locationnumber}",F
"AMED-StartDate": "${if((user.employeeType?.equals('Employee')) || (user.employeeType?.equals('Contractor'))) {new java.text.SimpleDateFormat('yyyyMMddHHmmss.0Z').format(user.startdate)}}",
"extensionAttribute12": "${user.jobCode}",
"extensionAttribute1": "${user.employeeid}",
"extensionAttribute2": "${user.locationnumber}",
"extensionAttribute3": "${user.customproperty1}",
"extensionAttribute4": "${user.firstname}",
"extensionAttribute5": "${user.customproperty2}",
"extensionAttribute6": "${user.customproperty3}",
"extensionAttribute7": "${user.customproperty4}",
"extensionAttribute11": "${if(user.employeeType?.equals('Employee')){'Employee'} else if ((user.employeeType?.equals('Contractor')) && (user.jobCode?.equals('VOLUNTR'))){'VOLUNTR'} else if ((user.employeeType?.equals('Contractor')) && (user.jobCode?.equals(''))){'CORP CON'} else if((user.employeeType?.equals('Contractor')) && (!user.customproperty21?.contains('VOL:'))){'Clinician Contractor'} else if (user.employeeType?.equals('Medical Director')){'MD'} else if (user.employeeType?.equals('Corporate Contractor')) {'CORP CON'}}",
"extensionAttribute13": "${user.customproperty9}"
}
}

Hi Rushikesh,

Could you please share us any update on this issue?

Here's a step-by-step approach to troubleshoot and resolve this issue:

Step 1: Validate All Attribute Values

Ensure all attribute values in the JSON payload are valid and comply with AD schema constraints. Specifically:

  • Ensure Non-Empty Required Fields: Attributes such as displayName, givenName, sn (surname), employeeID, company, and title should not be empty if they are mandatory in AD.
  • Check Special Characters: Ensure that none of the attributes contain special characters or invalid values that might cause issues in AD.

Step 2: Simplify and Test Incrementally

{
"USEDNFROMACCOUNT": "YES",
"MOVEDN": "YES",
"REMOVEGROUPS": "NO",
"ENABLEACCOUNTOU": "${if(user.employeeType?.equals('Employee')){user.orgunitid} else if((user.employeeType?.equals('Contractor')) && (user.jobCode?.equals(''))){''} else if(user.employeeType?.equals('Contractor')){''} else if(user.employeeType?.equals('Medical Director')){user.customproperty23} else if (user.employeeType?.equals('Corporate Contractor')){''}}",
"AFTERMOVEACTIONS": {
"userAccountControl": "544",
"accountExpires": "0",
"displayName": "${user.displayname}",
"givenName": "${user.firstname}",
"sn": "${user.lastname}"
}
}

 

 

{
"USEDNFROMACCOUNT": "YES",
"MOVEDN": "YES",
"REMOVEGROUPS": "NO",
"ENABLEACCOUNTOU": "${if(user.employeeType?.equals('Employee')){user.orgunitid} else if((user.employeeType?.equals('Contractor')) && (user.jobCode?.equals(''))){''} else if(user.employeeType?.equals('Contractor')){''} else if(user.employeeType?.equals('Medical Director')){user.customproperty23} else if (user.employeeType?.equals('Corporate Contractor')){''}}",
"AFTERMOVEACTIONS": {
"userAccountControl": "544",
"accountExpires": "0",
"displayName": "${user.displayname}",
"givenName": "${user.firstname}",
"sn": "${user.lastname}",
"ID-PeopleSoft": "${if(user.employeeType?.equals('Employee')) {user.employeeid} else ''}",
"employeeID": "${user.employeeid}",
"employeeType": "${user.job_function}",
"description": "${if(user.employeeType?.equals('Employee')) {user.jobCode} else if(user.employeeType?.equals('Contractor')) {user.customproperty21}else if(user.employeeType?.equals('Medical Director')) {user.customproperty22}}",
"manager": "${managerAccount?.accountID}",
"company": "${user.companyname}",
"title": "${user.jobcodedesc}",
"department": "${user.departmentNumber}",
"l": "${user.city}",
"st": "${user.state}",
"streetAddress": "${user.street}",
"postalCode": "${user.customproperty5}",
"physicalDeliveryOfficeName": "${if(user.employeeType?.equals('Employee')){user.locationdesc} else {user.locationnumber}}",
"amedJobStatus": "${user.job_function}",
"amedJobFamily": "${user.customproperty7}",
"AMED-POD": "${user.customproperty6}",
"AMED-Region": "${user.region}",
"AMED-Location": "${user.locationnumber}",
"AMED-StartDate": "${if((user.employeeType?.equals('Employee')) || (user.employeeType?.equals('Contractor'))) {new java.text.SimpleDateFormat('yyyyMMddHHmmss.0Z').format(user.startdate)}}",
"extensionAttribute12": "${user.jobCode}",
"extensionAttribute1": "${user.employeeid}",
"extensionAttribute2": "${user.locationnumber}",
"extensionAttribute3": "${user.customproperty1}",
"extensionAttribute4": "${user.firstname}",
"extensionAttribute5": "${user.customproperty2}",
"extensionAttribute6": "${user.customproperty3}",
"extensionAttribute7": "${user.customproperty4}",
"extensionAttribute11": "${if(user.employeeType?.equals('Employee')){'Employee'} else if ((user.employeeType?.equals('Contractor')) && (user.jobCode?.equals('VOLUNTR'))){'VOLUNTR'} else if ((user.employeeType?.equals('Contractor')) && (user.jobCode?.equals(''))){'CORP CON'} else if((user.employeeType?.equals('Contractor')) && (!user.customproperty21?.contains('VOL:'))){'Clinician Contractor'} else if (user.employeeType?.equals('Medical Director')){'MD'} else if (user.employeeType?.equals('Corporate Contractor')) {'CORP CON'}}",
"extensionAttribute13": "${user.customproperty9}"
}
}


Regards,
Rushikesh Vartak
If you find this response useful, kindly consider selecting 'Accept As Solution' and clicking on the 'Kudos' button.