Saviynt unveils its cutting-edge Intelligence Suite products to revolutionize Identity Security!
Click HERE to see how Saviynt Intelligence is transforming the industry. Saviynt Copilot Icon
This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

AD new account creation failed due to password policies

SumathiSomala
All-Star
All-Star

‎08/17/2023 02:14 AM

Hi team,

I am trying to create new AD account from ARS saviynt.

Account creation getting failed with below error

Checking DN for CN=Help Test02,OU=Saviynt_Test,OU=Test Users,OU=XXX Users,DC=XX,DC=XX.Not FOund DN for CCN=Help Test02,OU=Saviynt_Test,OU=Test Users,OU=XXX Users,DC=XX,DC=XX. Error while creating account in AD - [LDAP: error code 53 - 0000001F: SvcErr: DSID-031A126A, problem 5003 (WILL_NOT_PERFORM), data 0 ]

So i removed password policies and SETRANDOMPASSWORD as FALSE 

Now account is created in AD with userAccountControl 546

Is password policies used in Saviynt should match with AD password policy complexity requirement (image attached).

Can any one help with password policies and how to pass this password to users?

Any help would be appreciated.

 

Regards,
Sumathi Somala

If this reply answered your question, please Accept As Solution and give Kudos.

Preview file
107 KB
0 Kudos
4 REPLIES 4

pmahalle
All-Star
All-Star

‎08/17/2023 02:53 AM

Hi @SumathiSomala ,

Yes ideally Password policy in Saviynt connection and AD should be same. Saviynt will generate random password based on policy present in Saviynt, if password did not meet the policy is AD then account creation might be failed.

Also while sending password make sure to user LDAPS with port 636 and not LDAP in your URL.


Pandharinath Mahalle(Paddy)
If this reply helps your question, please consider selecting Accept As Solution and hit Kudos 🙂
0 Kudos

SumathiSomala
All-Star
All-Star
In response to pmahalle

‎08/17/2023 02:57 AM

Thanks @pmahalle 

yes using LDAPS with port 636 

I have attached the AD password policy can you help with password policy template?

Regards,
Sumathi Somala

If this reply answered your question, please Accept As Solution and give Kudos.

Preview file
107 KB
Preview file
87 KB
0 Kudos

pmahalle
All-Star
All-Star
In response to SumathiSomala

‎08/17/2023 03:10 AM

Hi @SumathiSomala ,

Create APPLICATION type password policy under Admin --> Identity Repository-->Password Polices and attach to your security system. Where you can create complex password policies.

Refer: https://docs.saviyntcloud.com/bundle/EIC-Admin-v23x/page/Content/Chapter02-Identity-Repository/Manag...


Pandharinath Mahalle(Paddy)
If this reply helps your question, please consider selecting Accept As Solution and hit Kudos 🙂
0 Kudos

SumathiSomala
All-Star
All-Star
In response to pmahalle

‎08/17/2023 03:20 AM

I tried @pmahalle 

SumathiSomala_0-1692267575952.png

 

Getting below error

Error while creating account in AD - [LDAP: error code 53 - 0000001F: SvcErr: DSID-031A126A, problem 5003 (WILL_NOT_PERFORM), data 0 ]

Regards,
Sumathi Somala

If this reply answered your question, please Accept As Solution and give Kudos.

0 Kudos
Copyright © 2024 Khoros, LLC