Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.

AD Provisioning issues

HarishG
Regular Contributor
Regular Contributor

Hi

when trying to create an new AD account with the below CreateAccountJSON, the attributes are not getting resolved and the account is created as shown in the below screenshot,

CreateAccount JSON:

{
"Language": "${user.customproperty19}",
"sn": "${user.customproperty14}",
"givenName": "${user.firstname}",
"streetAddress": "${DA_streetAddress}",
"postOfficeBox": "${DA_postOfficeBox}",
"postalCode": "${DA_postalCode}",
"l": "${if(user.city == null){''} else {user.city}}",
"corpCustomAttribute033": "${user.customproperty8}",
"title": "${user.jobdescription}",
"corpCustomAttribute034": "${user.jobcodedesc}",
"corpCustomAttribute035": "${user.customproperty15}",
"corpCustomAttribute036": "${user.departmentNumber}",
"corpCustomAttribute039": "${if(user.customproperty22 == null){''} else {user.customproperty22}}",
"corpCustomAttribute040": "${if(user.customproperty25 == null){''} else {user.customproperty25}}",
"corpCustomAttribute041": "${if(user.customproperty26 == null){''} else {user.customproperty26}}",
"userPrincipalName": "${if(user.customproperty6 == null){''} else {user.customproperty6}}",
"mail": "${if(user.email == null){''} else {user.email}}",
"telephoneNumber": "${if(user.phonenumber == null){''} else {user.phonenumber}}",
"facsimileTelephoneNumber": "${if(user.customproperty47 != null){user.customproperty47}}",
"physicalDeliveryOfficeName": "${if(user.siteid == null){''} else {user.siteid}}",
"targetAddress": "${if(user.email == null){''} else {user.email}}",
"corpCustomAttribute005": "${if(user.customproperty41 == null){''} else {user.customproperty41}}",
"displayName": "${DA_displayname}",
"company": "${if(user.companyname == null){''} else {user.companyname}}",
"corpCustomAttribute001": "${if(user.username == null){''} else {user.username}}",
"corpCustomAttribute031": "${if(user.customproperty37 == null){''} else {user.customproperty37}}",
"extensionAttribute1": "${[user.customproperty37, '-', user.employeeid].join('')}",
"extensionAttribute7": "${[user.customproperty37, '-', user.costcenter].join('')}",
"extensionAttribute8": "${if(user.customproperty16 == null){''} else {user.customproperty16}}",
"extensionAttribute9": "${DA_extensionAttribute9}",
"extensionAttribute13": "${if(user.employeetype == null){''} else {user.employeetype}}",
"mobile": "${user.secondaryphone}",
"sAMAccountName": "${user.username}",
"pwdLastSet": "0",
"objectClass": [
"top",
"person",
"organizationalPerson",
"user"
]
}

 

HarishG_0-1718889630358.png

 

We have updated the JSON to simpler format as below, it fails with the LDAP error:

JSON:

{
  "Language": "${user.customproperty19}",
  "sn": "${user.customproperty14==null? user.lastname:user.customproperty14}",
  "givenName": "${user.preferedFirstName==null? user.firstname:user.preferedFirstName}",
  "streetAddress": "${DA_streetAddress}",
  "postOfficeBox": "${DA_postOfficeBox}",
  "postalCode": "${DA_postalCode}",
  "l": "${user.city}",
  "title": "${user.jobdescription}",
  "corpCustomAttribute005": "${user.customproperty41}",
  "corpCustomAttribute033": "${user.customproperty8}",
  "corpCustomAttribute034": "${user.jobcodedesc}",
  "corpCustomAttribute035": "${user.customproperty15}",
  "corpCustomAttribute036": "${user.departmentNumber}",
  "corpCustomAttribute039": "${user.customproperty22}",
  "corpCustomAttribute040": "${user.customproperty25}",
  "corpCustomAttribute041": "${user.customproperty26}",
  "corpCustomAttribute001": "${user.username}",
  "corpCustomAttribute031": "${user.customproperty37}",
  "extensionAttribute1": "${user.customproperty37}-${user.employeeid}",
  "extensionAttribute7": "${user.customproperty37}-${user.costcenter}",
  "extensionAttribute8": "${user.customproperty16}",
  "extensionAttribute9": "${DA_extensionAttribute9}",
  "extensionAttribute13": "${user.employeetype}",
  "userPrincipalName": "${user.customproperty6}",
  "mail": "${user.email}",
  "telephoneNumber": "${user.phonenumber}",
  "facsimileTelephoneNumber": "${user.customproperty47}",
  "physicalDeliveryOfficeName": "${user.siteid}",
  "targetAddress": "${user.email}",
  "displayName": "${DA_displayname}",
  "company": "${user.companyname}",
  "mobile": "${user.secondaryphone}",
  "sAMAccountName": "${user.username}",
  "pwdLastSet": "0",
  "objectClass": [
    "top",
    "person",
    "organizationalPerson",
    "user"
  ]
}

error:

Error while creating account in AD - [LDAP: error code 68 - 00000524: UpdErr: DSID-031A11FA, problem 6005 (ENTRY_EXISTS), data 0 ]

 

Any suggestions on this issue?

Thanks in advance!

Best regards,

Harish

8 REPLIES 8

Raghu
All-Star
All-Star

@HarishG  can you verify the account you're trying to create already exists in Active Directory. This could happen if someone else has already created an account with the same name, or if there's a synchronization issue with another system creating duplicate entrie.

https://docs.saviyntcloud.com/bundle/AD-v24x/page/Content/Configuring-the-Integration-for-Provisioni...

 


Thanks,
Raghu
If this reply answered your question, Please Accept As Solution and hit Kudos.

rushikeshvartak
All-Star
All-Star

One of the attributes is not able to resolve. Reduce number of attributes and try 


Regards,
Rushikesh Vartak
If you find this response useful, kindly consider selecting 'Accept As Solution' and clicking on the 'Kudos' button.

rushikeshvartak
All-Star
All-Star

{
"Language": "${user.customproperty19}",
"sn": "${user.customproperty14}",
"givenName": "${user.firstname}",
"streetAddress": "${DA_streetAddress}",
"postOfficeBox": "${DA_postOfficeBox}",
"postalCode": "${DA_postalCode}",
"l": "${user.city != null ? user.city : ''}",
"corpCustomAttribute033": "${user.customproperty8}",
"title": "${user.jobdescription}",
"corpCustomAttribute034": "${user.jobcodedesc}",
"corpCustomAttribute035": "${user.customproperty15}",
"corpCustomAttribute036": "${user.departmentNumber}",
"corpCustomAttribute039": "${user.customproperty22 != null ? user.customproperty22 : ''}",
"corpCustomAttribute040": "${user.customproperty25 != null ? user.customproperty25 : ''}",
"corpCustomAttribute041": "${user.customproperty26 != null ? user.customproperty26 : ''}",
"userPrincipalName": "${user.customproperty6 != null ? user.customproperty6 : ''}",
"mail": "${user.email != null ? user.email : ''}",
"telephoneNumber": "${user.phonenumber != null ? user.phonenumber : ''}",
"facsimileTelephoneNumber": "${user.customproperty47 != null ? user.customproperty47 : ''}",
"physicalDeliveryOfficeName": "${user.siteid != null ? user.siteid : ''}",
"targetAddress": "${user.email != null ? user.email : ''}",
"corpCustomAttribute005": "${user.customproperty41 != null ? user.customproperty41 : ''}",
"displayName": "${DA_displayname}",
"company": "${user.companyname != null ? user.companyname : ''}",
"corpCustomAttribute001": "${user.username != null ? user.username : ''}",
"corpCustomAttribute031": "${user.customproperty37 != null ? user.customproperty37 : ''}",
"extensionAttribute1": "${[user.customproperty37, '-', user.employeeid].join('')}",
"extensionAttribute7": "${[user.customproperty37, '-', user.costcenter].join('')}",
"extensionAttribute8": "${user.customproperty16 != null ? user.customproperty16 : ''}",
"extensionAttribute9": "${DA_extensionAttribute9}",
"extensionAttribute13": "${user.employeetype != null ? user.employeetype : ''}",
"mobile": "${user.secondaryphone}",
"sAMAccountName": "${user.username}",
"pwdLastSet": "0",
"objectClass": [
"top",
"person",
"organizationalPerson",
"user"
]
}


Regards,
Rushikesh Vartak
If you find this response useful, kindly consider selecting 'Accept As Solution' and clicking on the 'Kudos' button.

Hi Rushikesh,

No 'createaccountJSON' is working for AD provisioning.
always its giving the error (ENTRY_EXIST)

parthaghosh_0-1719303030094.png

any advice to resole this will be of great help.

regards,

Partha

@HarishG @parthaghosh I have faced similar issue earlier.Root cause was i was used jobdescription instead of jobDescription and employeetype instead of employeeType.

Check if there are any incorrect mappings and try with minimum numberof mappings to identify the cause.

{
"Language": "${user.customproperty19}",
"sn": "${user.customproperty14}",
"givenName": "${user.firstname}",
"streetAddress": "${DA_streetAddress}",
"postOfficeBox": "${DA_postOfficeBox}",
"postalCode": "${DA_postalCode}",
"l": "${user.city != null ? user.city : ''}",
"corpCustomAttribute033": "${user.customproperty8}",
"title": "${user.jobDescription}",
"corpCustomAttribute034": "${user.jobcodedesc}",
"corpCustomAttribute035": "${user.customproperty15}",
"corpCustomAttribute036": "${user.departmentNumber}",
"corpCustomAttribute039": "${user.customproperty22 != null ? user.customproperty22 : ''}",
"corpCustomAttribute040": "${user.customproperty25 != null ? user.customproperty25 : ''}",
"corpCustomAttribute041": "${user.customproperty26 != null ? user.customproperty26 : ''}",
"userPrincipalName": "${user.customproperty6 != null ? user.customproperty6 : ''}",
"mail": "${user.email != null ? user.email : ''}",
"telephoneNumber": "${user.phonenumber != null ? user.phonenumber : ''}",
"facsimileTelephoneNumber": "${user.customproperty47 != null ? user.customproperty47 : ''}",
"physicalDeliveryOfficeName": "${user.siteid != null ? user.siteid : ''}",
"targetAddress": "${user.email != null ? user.email : ''}",
"corpCustomAttribute005": "${user.customproperty41 != null ? user.customproperty41 : ''}",
"displayName": "${DA_displayname}",
"company": "${user.companyname != null ? user.companyname : ''}",
"corpCustomAttribute001": "${user.username != null ? user.username : ''}",
"corpCustomAttribute031": "${user.customproperty37 != null ? user.customproperty37 : ''}",
"extensionAttribute1": "${[user.customproperty37, '-', user.employeeid].join('')}",
"extensionAttribute7": "${[user.customproperty37, '-', user.costcenter].join('')}",
"extensionAttribute8": "${user.customproperty16 != null ? user.customproperty16 : ''}",
"extensionAttribute9": "${DA_extensionAttribute9}",
"extensionAttribute13": "${user.employeeType != null ? user.employeeType : ''}",
"mobile": "${user.secondaryphone}",
"sAMAccountName": "${user.username}",
"pwdLastSet": "0",
"objectClass": [
"top",
"person",
"organizationalPerson",
"user"
]
}

Regards,
Sumathi Somala
If this reply answered your question, please Accept As Solution and give Kudos.

corrected those 2 attributes, now trying with very less attributes, but same error.

{
"Language": "${user.customproperty19}",
"sn": "${user.customproperty14==null? user.lastname:user.customproperty14}",
"givenName": "${user.preferedFirstName==null? user.firstname:user.preferedFirstName}",
"l": "${user.city}",
"title": "${user.jobDescription}",
"userPrincipalName": "${user.customproperty6}",
"mail": "${user.email}",
"telephoneNumber": "${user.phonenumber}",
"facsimileTelephoneNumber": "${user.customproperty47}",
"physicalDeliveryOfficeName": "${user.siteid}",
"targetAddress": "${user.email}",
"company": "${user.companyname}",
"mobile": "${user.secondaryphone}",
"sAMAccountName": "${user.username}",
"pwdLastSet": "0",
"objectClass": [
"top",
"person",
"organizationalPerson",
"user"
]
}

 

-- Partha

parthaghosh
New Contributor III
New Contributor III

finally, we could make it work.

{
"Language": "${user.customproperty19}",
"sn": "${user.customproperty14==null? user.lastname:user.customproperty14}",
"givenName": "${user.preferedFirstName==null? user.firstname:user.preferedFirstName}",
"streetAddress": "${requestAccessAttributes.get('DA_streetAddress')}",
"postOfficeBox": "${requestAccessAttributes.get('DA_postOfficeBox')}",
"postalCode": "${requestAccessAttributes.get('DA_postalCode')}",
"l": "${user.city}",
"title": "${user.jobDescription}",
"corpCustomAttribute005": "${user.customproperty41}",
"corpCustomAttribute033": "${user.customproperty8}",
"corpCustomAttribute034": "${user.jobcodedesc}",
"corpCustomAttribute035": "${user.customproperty15}",
"corpCustomAttribute036": "${user.departmentNumber}",
"corpCustomAttribute039": "${user.customproperty22}",
"corpCustomAttribute040": "${user.customproperty25}",
"corpCustomAttribute041": "${user.customproperty26}",
"corpCustomAttribute001": "${user.username}",
"corpCustomAttribute031": "${user.customproperty37}",
"extensionAttribute1": "${user.customproperty37}-${user.employeeid}",
"extensionAttribute7": "${user.customproperty37}-${user.costcenter}",
"extensionAttribute8": "${user.customproperty16}",
"extensionAttribute9": "${requestAccessAttributes.get('DA_extensionAttribute9')}",
"extensionAttribute13": "${user.employeeType}",
"userPrincipalName": "${user.customproperty6}",
"mail": "${user.email}",
"telephoneNumber": "${user.phonenumber}",
"facsimileTelephoneNumber": "${user.customproperty47}",
"physicalDeliveryOfficeName": "${user.siteid}",
"targetAddress": "${user.email}",
"displayName": "${requestAccessAttributes.get('DA_displayname')}",
"company": "${user.companyname}",
"mobile": "${user.secondaryPhone}",
"sAMAccountName": "${user.username}",
"pwdLastSet": "0",
"objectClass": [
"top",
"person",
"organizationalPerson",
"user"
]
}

 

 

 

thanks

@parthaghosh Great, Then you can close the thread by selecting appropriate reply as accepted as solution.

 

Regards,
Sumathi Somala
If this reply answered your question, please Accept As Solution and give Kudos.