This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

AD EnableAccount JSON

PiyushRai
New Contributor
New Contributor

‎09/22/2023 07:25 AM

Hi Team,

I am trying the below  AD enableAccount JSON but it is not working. I am seeing error

{
"USEDNFROMACCOUNT": "YES",
"MOVEDN": "YES",
"REMOVEGROUPS": "NO",
"DISABLEACCOUNTCHECKRULE":" {{'CN='+user.displayname.replaceAll(',','\\,')+',OU=Users,OU='+user.customproperty31+',OU='+user.customproperty32+',OU=AGIGATesting,DC=sus-test,DC=com'}}",
"ENABLEACCOUNTOU": "OU=AGIGATesting,DC=sus-test,DC=com",
"AFTERMOVEACTIONS": {
"userAccountControl": "512",
"userPassword": "${randomPassword}"
 
}
}
Labels:
0 Kudos
7 REPLIES 7

SumathiSomala
Regular Contributor III
Regular Contributor III

‎09/22/2023 07:50 AM

Hi @PiyushRai ,

Could you please share the error details and logs.

"DISABLEACCOUNTCHECKRULE" used when  "USEDNFROMACCOUNT" is set to "NO"

SumathiSomala_0-1695394016186.png

Please refer below link

Configuring the Integration for Provisioning and Deprovisioning Accounts (saviyntcloud.com)

Regards,
Sumathi Somala
0 Kudos

PiyushRai
New Contributor
New Contributor
In response to SumathiSomala

‎09/24/2023 11:25 PM

PiyushRai_0-1695623072948.png

This is the error detail I get.

0 Kudos

SumathiSomala
Regular Contributor III
Regular Contributor III
In response to PiyushRai

‎09/24/2023 11:41 PM

@PiyushRai Could you try below JSON and check if you are able to enable the account

{
"USEDNFROMACCOUNT": "YES",
"MOVEDN": "YES",
"REMOVEGROUPS": "NO",
"ENABLEACCOUNTOU": "OU=AGIGATesting,DC=sus-test,DC=com",
"AFTERMOVEACTIONS": {
"userAccountControl": "512"
}
}

Regards,
Sumathi Somala
0 Kudos

PiyushRai
New Contributor
New Contributor
In response to SumathiSomala

‎09/25/2023 02:38 AM

@SumathiSomala 

I'm getting this error when I'm using the above code

SAV-Error while enabling account,[LDAP: error code 53 - 0000052D: SvcErr: DSID-031A124C, problem 5003 (WILL_NOT_PERFORM), data 0 ]

0 Kudos

SumathiSomala
Regular Contributor III
Regular Contributor III
In response to PiyushRai

‎09/25/2023 02:46 AM - edited ‎09/25/2023 02:47 AM

@PiyushRai ,

Could you please share the error logs and how you are enabling the account through ARS or through User Update rules?

Regards,
Sumathi Somala
0 Kudos

PiyushRai
New Contributor
New Contributor
In response to SumathiSomala

‎09/25/2023 02:56 AM

@SumathiSomala 

Preview file
887 KB
0 Kudos

SumathiSomala
Regular Contributor III
Regular Contributor III
In response to PiyushRai

‎09/25/2023 03:09 AM

@PiyushRai 

Could you please verify that the service account being used for the connection has sufficient privileges to perform CRUD operations in Active Directory (AD). It should have the necessary permissions for creating, modifying, and deleting user accounts.

Since logs showing OperationNotSupportedException.

SumathiSomala_0-1695636517175.png

And you are performing all operations using SSL port right?

Regards,
Sumathi Somala
0 Kudos
Copyright © 2023 Khoros, LLC