AD new account creation failed due to password policies

SumathiSomala
Regular Contributor II

Hi team,

I am trying to create a new AD account from ARS Saviynt.

Account creation is failing with the error below:

Checking DN for CN=Help Test02,OU=Saviynt_Test,OU=Test Users,OU=XXX Users,DC=XX,DC=XX.Not FOund DN for CCN=Help Test02,OU=Saviynt_Test,OU=Test Users,OU=XXX Users,DC=XX,DC=XX. Error while creating account in AD - [LDAP: error code 53 - 0000001F: SvcErr: DSID-031A126A, problem 5003 (WILL_NOT_PERFORM), data 0 ]

So I removed the password policies and set SETRANDOMPASSWORD to FALSE.

Now the account is created in AD with userAccountControl 546.

Should the password policies used in Saviynt match the AD password policy complexity requirements (image attached)?

Can anyone help with password policies and how to pass this password to users?

Any help would be appreciated.

 


pmahalle
Valued Contributor II

Hi @SumathiSomala ,

Yes, ideally the password policy in the Saviynt connection and AD should be the same. Saviynt will generate a random password based on the policy present in Saviynt; if the password does not meet the policy in AD, then account creation might fail.

Also, while sending the password, make sure to use LDAPS with port 636 and not LDAP in your URL.


Regards,

Pandharinath Mahalle(Paddy)
If this reply answered your question, please Accept it As Solution to help others who may have a similar problem.
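
As an added illustration (not code from this thread or from Saviynt): a pre-check of a candidate password against Active Directory's built-in "Password must meet complexity requirements" rule, plus a decoder for the userAccountControl value 546 reported in the question. The minimum length of 7 and the sAMAccountName `htest02` are assumptions; the domain's actual policy is in the attached image and is not visible here.

```python
import re

# Subset of the documented userAccountControl bit flags.
UAC_FLAGS = {
    0x0002: "ACCOUNTDISABLE",
    0x0020: "PASSWD_NOTREQD",
    0x0200: "NORMAL_ACCOUNT",
    0x10000: "DONT_EXPIRE_PASSWORD",
}

def decode_uac(value):
    """Return the names of the known flags set in a userAccountControl value."""
    return [name for bit, name in sorted(UAC_FLAGS.items()) if value & bit]

def ad_complexity_problems(password, sam_account_name, display_name, min_length=7):
    """List the reasons AD's complexity rule would reject the password.

    min_length=7 is an assumed value; use the domain's real setting.
    """
    problems = []
    if len(password) < min_length:
        problems.append("shorter than minimum length")
    categories = [
        any(c.isupper() for c in password),
        any(c.islower() for c in password),
        any(c in "0123456789" for c in password),
        any(not c.isalnum() for c in password),
        any(c.isalpha() and not (c.isupper() or c.islower()) for c in password),
    ]
    if sum(categories) < 3:
        problems.append("fewer than 3 of 5 character categories")
    lowered = password.lower()
    if len(sam_account_name) >= 3 and sam_account_name.lower() in lowered:
        problems.append("contains sAMAccountName")
    # displayName is split on AD's delimiters; tokens under 3 chars are ignored.
    tokens = [t for t in re.split(r"[,.\-_ #\t]+", display_name) if len(t) >= 3]
    if any(t.lower() in lowered for t in tokens):
        problems.append("contains part of displayName")
    return problems

if __name__ == "__main__":
    print(546, decode_uac(546))
    # Constructed inputs: display name from the thread's CN, made-up sAMAccountName.
    for candidate in ("helptest02pw", "Xk7#mQ9!vB2z"):
        print(candidate, ad_complexity_problems(candidate, "htest02", "Help Test02"))
```

A value of 546 decodes to ACCOUNTDISABLE, PASSWD_NOTREQD and NORMAL_ACCOUNT: the object exists, but it is disabled and flagged as not requiring a password.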

SumathiSomala
Regular Contributor II

Thanks @pmahalle 

Yes, using LDAPS with port 636.

I have attached the AD password policy. Can you help with a password policy template?

pmahalle
Valued Contributor II

Hi @SumathiSomala ,

Create an APPLICATION type password policy under Admin --> Identity Repository --> Password Policies and attach it to your security system, where you can create complex password policies.

Refer: https://docs.saviyntcloud.com/bundle/EIC-Admin-v23x/page/Content/Chapter02-Identity-Repository/Manag...


Regards,

Pandharinath Mahalle(Paddy)

SumathiSomala
Regular Contributor II

I tried @pmahalle 


 

Getting the error below:

Error while creating account in AD - [LDAP: error code 53 - 0000001F: SvcErr: DSID-031A126A, problem 5003 (WILL_NOT_PERFORM), data 0 ]