Click HERE to see how Saviynt Intelligence is transforming the industry. |
06/20/2024 06:32 AM
Hi
when trying to create an new AD account with the below CreateAccountJSON, the attributes are not getting resolved and the account is created as shown in the below screenshot,
CreateAccount JSON:
{
"Language": "${user.customproperty19}",
"sn": "${user.customproperty14}",
"givenName": "${user.firstname}",
"streetAddress": "${DA_streetAddress}",
"postOfficeBox": "${DA_postOfficeBox}",
"postalCode": "${DA_postalCode}",
"l": "${if(user.city == null){''} else {user.city}}",
"corpCustomAttribute033": "${user.customproperty8}",
"title": "${user.jobdescription}",
"corpCustomAttribute034": "${user.jobcodedesc}",
"corpCustomAttribute035": "${user.customproperty15}",
"corpCustomAttribute036": "${user.departmentNumber}",
"corpCustomAttribute039": "${if(user.customproperty22 == null){''} else {user.customproperty22}}",
"corpCustomAttribute040": "${if(user.customproperty25 == null){''} else {user.customproperty25}}",
"corpCustomAttribute041": "${if(user.customproperty26 == null){''} else {user.customproperty26}}",
"userPrincipalName": "${if(user.customproperty6 == null){''} else {user.customproperty6}}",
"mail": "${if(user.email == null){''} else {user.email}}",
"telephoneNumber": "${if(user.phonenumber == null){''} else {user.phonenumber}}",
"facsimileTelephoneNumber": "${if(user.customproperty47 != null){user.customproperty47}}",
"physicalDeliveryOfficeName": "${if(user.siteid == null){''} else {user.siteid}}",
"targetAddress": "${if(user.email == null){''} else {user.email}}",
"corpCustomAttribute005": "${if(user.customproperty41 == null){''} else {user.customproperty41}}",
"displayName": "${DA_displayname}",
"company": "${if(user.companyname == null){''} else {user.companyname}}",
"corpCustomAttribute001": "${if(user.username == null){''} else {user.username}}",
"corpCustomAttribute031": "${if(user.customproperty37 == null){''} else {user.customproperty37}}",
"extensionAttribute1": "${[user.customproperty37, '-', user.employeeid].join('')}",
"extensionAttribute7": "${[user.customproperty37, '-', user.costcenter].join('')}",
"extensionAttribute8": "${if(user.customproperty16 == null){''} else {user.customproperty16}}",
"extensionAttribute9": "${DA_extensionAttribute9}",
"extensionAttribute13": "${if(user.employeetype == null){''} else {user.employeetype}}",
"mobile": "${user.secondaryphone}",
"sAMAccountName": "${user.username}",
"pwdLastSet": "0",
"objectClass": [
"top",
"person",
"organizationalPerson",
"user"
]
}
We have updated the JSON to simpler format as below, it fails with the LDAP error:
JSON:
{
"Language": "${user.customproperty19}",
"sn": "${user.customproperty14==null? user.lastname:user.customproperty14}",
"givenName": "${user.preferedFirstName==null? user.firstname:user.preferedFirstName}",
"streetAddress": "${DA_streetAddress}",
"postOfficeBox": "${DA_postOfficeBox}",
"postalCode": "${DA_postalCode}",
"l": "${user.city}",
"title": "${user.jobdescription}",
"corpCustomAttribute005": "${user.customproperty41}",
"corpCustomAttribute033": "${user.customproperty8}",
"corpCustomAttribute034": "${user.jobcodedesc}",
"corpCustomAttribute035": "${user.customproperty15}",
"corpCustomAttribute036": "${user.departmentNumber}",
"corpCustomAttribute039": "${user.customproperty22}",
"corpCustomAttribute040": "${user.customproperty25}",
"corpCustomAttribute041": "${user.customproperty26}",
"corpCustomAttribute001": "${user.username}",
"corpCustomAttribute031": "${user.customproperty37}",
"extensionAttribute1": "${user.customproperty37}-${user.employeeid}",
"extensionAttribute7": "${user.customproperty37}-${user.costcenter}",
"extensionAttribute8": "${user.customproperty16}",
"extensionAttribute9": "${DA_extensionAttribute9}",
"extensionAttribute13": "${user.employeetype}",
"userPrincipalName": "${user.customproperty6}",
"mail": "${user.email}",
"telephoneNumber": "${user.phonenumber}",
"facsimileTelephoneNumber": "${user.customproperty47}",
"physicalDeliveryOfficeName": "${user.siteid}",
"targetAddress": "${user.email}",
"displayName": "${DA_displayname}",
"company": "${user.companyname}",
"mobile": "${user.secondaryphone}",
"sAMAccountName": "${user.username}",
"pwdLastSet": "0",
"objectClass": [
"top",
"person",
"organizationalPerson",
"user"
]
}
error:
Error while creating account in AD - [LDAP: error code 68 - 00000524: UpdErr: DSID-031A11FA, problem 6005 (ENTRY_EXISTS), data 0 ]
Any suggestions on this issue?
Thanks in advance!
Best regards,
Harish
06/20/2024 10:09 AM
@HarishG can you verify the account you're trying to create already exists in Active Directory. This could happen if someone else has already created an account with the same name, or if there's a synchronization issue with another system creating duplicate entrie.
06/20/2024 04:30 PM
One of the attributes is not able to resolve. Reduce number of attributes and try
06/20/2024 04:31 PM
{
"Language": "${user.customproperty19}",
"sn": "${user.customproperty14}",
"givenName": "${user.firstname}",
"streetAddress": "${DA_streetAddress}",
"postOfficeBox": "${DA_postOfficeBox}",
"postalCode": "${DA_postalCode}",
"l": "${user.city != null ? user.city : ''}",
"corpCustomAttribute033": "${user.customproperty8}",
"title": "${user.jobdescription}",
"corpCustomAttribute034": "${user.jobcodedesc}",
"corpCustomAttribute035": "${user.customproperty15}",
"corpCustomAttribute036": "${user.departmentNumber}",
"corpCustomAttribute039": "${user.customproperty22 != null ? user.customproperty22 : ''}",
"corpCustomAttribute040": "${user.customproperty25 != null ? user.customproperty25 : ''}",
"corpCustomAttribute041": "${user.customproperty26 != null ? user.customproperty26 : ''}",
"userPrincipalName": "${user.customproperty6 != null ? user.customproperty6 : ''}",
"mail": "${user.email != null ? user.email : ''}",
"telephoneNumber": "${user.phonenumber != null ? user.phonenumber : ''}",
"facsimileTelephoneNumber": "${user.customproperty47 != null ? user.customproperty47 : ''}",
"physicalDeliveryOfficeName": "${user.siteid != null ? user.siteid : ''}",
"targetAddress": "${user.email != null ? user.email : ''}",
"corpCustomAttribute005": "${user.customproperty41 != null ? user.customproperty41 : ''}",
"displayName": "${DA_displayname}",
"company": "${user.companyname != null ? user.companyname : ''}",
"corpCustomAttribute001": "${user.username != null ? user.username : ''}",
"corpCustomAttribute031": "${user.customproperty37 != null ? user.customproperty37 : ''}",
"extensionAttribute1": "${[user.customproperty37, '-', user.employeeid].join('')}",
"extensionAttribute7": "${[user.customproperty37, '-', user.costcenter].join('')}",
"extensionAttribute8": "${user.customproperty16 != null ? user.customproperty16 : ''}",
"extensionAttribute9": "${DA_extensionAttribute9}",
"extensionAttribute13": "${user.employeetype != null ? user.employeetype : ''}",
"mobile": "${user.secondaryphone}",
"sAMAccountName": "${user.username}",
"pwdLastSet": "0",
"objectClass": [
"top",
"person",
"organizationalPerson",
"user"
]
}
06/25/2024 01:11 AM
Hi Rushikesh,
No 'createaccountJSON' is working for AD provisioning.
always its giving the error (ENTRY_EXIST)
any advice to resole this will be of great help.
regards,
Partha
06/25/2024 04:52 AM - edited 06/25/2024 04:54 AM
@HarishG @parthaghosh I have faced similar issue earlier.Root cause was i was used jobdescription instead of jobDescription and employeetype instead of employeeType.
Check if there are any incorrect mappings and try with minimum numberof mappings to identify the cause.
{
"Language": "${user.customproperty19}",
"sn": "${user.customproperty14}",
"givenName": "${user.firstname}",
"streetAddress": "${DA_streetAddress}",
"postOfficeBox": "${DA_postOfficeBox}",
"postalCode": "${DA_postalCode}",
"l": "${user.city != null ? user.city : ''}",
"corpCustomAttribute033": "${user.customproperty8}",
"title": "${user.jobDescription}",
"corpCustomAttribute034": "${user.jobcodedesc}",
"corpCustomAttribute035": "${user.customproperty15}",
"corpCustomAttribute036": "${user.departmentNumber}",
"corpCustomAttribute039": "${user.customproperty22 != null ? user.customproperty22 : ''}",
"corpCustomAttribute040": "${user.customproperty25 != null ? user.customproperty25 : ''}",
"corpCustomAttribute041": "${user.customproperty26 != null ? user.customproperty26 : ''}",
"userPrincipalName": "${user.customproperty6 != null ? user.customproperty6 : ''}",
"mail": "${user.email != null ? user.email : ''}",
"telephoneNumber": "${user.phonenumber != null ? user.phonenumber : ''}",
"facsimileTelephoneNumber": "${user.customproperty47 != null ? user.customproperty47 : ''}",
"physicalDeliveryOfficeName": "${user.siteid != null ? user.siteid : ''}",
"targetAddress": "${user.email != null ? user.email : ''}",
"corpCustomAttribute005": "${user.customproperty41 != null ? user.customproperty41 : ''}",
"displayName": "${DA_displayname}",
"company": "${user.companyname != null ? user.companyname : ''}",
"corpCustomAttribute001": "${user.username != null ? user.username : ''}",
"corpCustomAttribute031": "${user.customproperty37 != null ? user.customproperty37 : ''}",
"extensionAttribute1": "${[user.customproperty37, '-', user.employeeid].join('')}",
"extensionAttribute7": "${[user.customproperty37, '-', user.costcenter].join('')}",
"extensionAttribute8": "${user.customproperty16 != null ? user.customproperty16 : ''}",
"extensionAttribute9": "${DA_extensionAttribute9}",
"extensionAttribute13": "${user.employeeType != null ? user.employeeType : ''}",
"mobile": "${user.secondaryphone}",
"sAMAccountName": "${user.username}",
"pwdLastSet": "0",
"objectClass": [
"top",
"person",
"organizationalPerson",
"user"
]
}
06/26/2024 05:49 AM
corrected those 2 attributes, now trying with very less attributes, but same error.
{
"Language": "${user.customproperty19}",
"sn": "${user.customproperty14==null? user.lastname:user.customproperty14}",
"givenName": "${user.preferedFirstName==null? user.firstname:user.preferedFirstName}",
"l": "${user.city}",
"title": "${user.jobDescription}",
"userPrincipalName": "${user.customproperty6}",
"mail": "${user.email}",
"telephoneNumber": "${user.phonenumber}",
"facsimileTelephoneNumber": "${user.customproperty47}",
"physicalDeliveryOfficeName": "${user.siteid}",
"targetAddress": "${user.email}",
"company": "${user.companyname}",
"mobile": "${user.secondaryphone}",
"sAMAccountName": "${user.username}",
"pwdLastSet": "0",
"objectClass": [
"top",
"person",
"organizationalPerson",
"user"
]
}
-- Partha
06/26/2024 07:45 AM - edited 06/26/2024 07:45 AM
finally, we could make it work.
{
"Language": "${user.customproperty19}",
"sn": "${user.customproperty14==null? user.lastname:user.customproperty14}",
"givenName": "${user.preferedFirstName==null? user.firstname:user.preferedFirstName}",
"streetAddress": "${requestAccessAttributes.get('DA_streetAddress')}",
"postOfficeBox": "${requestAccessAttributes.get('DA_postOfficeBox')}",
"postalCode": "${requestAccessAttributes.get('DA_postalCode')}",
"l": "${user.city}",
"title": "${user.jobDescription}",
"corpCustomAttribute005": "${user.customproperty41}",
"corpCustomAttribute033": "${user.customproperty8}",
"corpCustomAttribute034": "${user.jobcodedesc}",
"corpCustomAttribute035": "${user.customproperty15}",
"corpCustomAttribute036": "${user.departmentNumber}",
"corpCustomAttribute039": "${user.customproperty22}",
"corpCustomAttribute040": "${user.customproperty25}",
"corpCustomAttribute041": "${user.customproperty26}",
"corpCustomAttribute001": "${user.username}",
"corpCustomAttribute031": "${user.customproperty37}",
"extensionAttribute1": "${user.customproperty37}-${user.employeeid}",
"extensionAttribute7": "${user.customproperty37}-${user.costcenter}",
"extensionAttribute8": "${user.customproperty16}",
"extensionAttribute9": "${requestAccessAttributes.get('DA_extensionAttribute9')}",
"extensionAttribute13": "${user.employeeType}",
"userPrincipalName": "${user.customproperty6}",
"mail": "${user.email}",
"telephoneNumber": "${user.phonenumber}",
"facsimileTelephoneNumber": "${user.customproperty47}",
"physicalDeliveryOfficeName": "${user.siteid}",
"targetAddress": "${user.email}",
"displayName": "${requestAccessAttributes.get('DA_displayname')}",
"company": "${user.companyname}",
"mobile": "${user.secondaryPhone}",
"sAMAccountName": "${user.username}",
"pwdLastSet": "0",
"objectClass": [
"top",
"person",
"organizationalPerson",
"user"
]
}
thanks
06/27/2024 12:04 AM
@parthaghosh Great, Then you can close the thread by selecting appropriate reply as accepted as solution.