Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.
This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

AD Provisioning not working

Go to solution
ray
Regular Contributor
Regular Contributor

‎02/28/2024 10:30 AM - edited ‎02/28/2024 10:30 AM

Hello, the provisionning of account is not working towards AD.

here is the configuration i have :

Account Attribute :

[
NAME::sAMAccountName#String,
DISPLAYNAME::displayName#String,
LASTLOGONDATE::lastLogon#millisec,
LASTPASSWORDCHANGE::pwdLastSet#millisec,
UPDATEDATE::whenChanged#date,
VALIDTHROUGH::accountExpires#millisec,
CREATED_ON::whenCreated#date,
ACCOUNTCLASS::objectClass#String,
CUSTOMPROPERTY1::cn#String,
CUSTOMPROPERTY4::PFUniqueID#String,
CUSTOMPROPERTY5::employeeType#String,
CUSTOMPROPERTY6::sn#String,
CUSTOMPROPERTY7::employeeID#String,
CUSTOMPROPERTY8::co#String,
CUSTOMPROPERTY9::o#String,
CUSTOMPROPERTY10::givenName#String,
CUSTOMPROPERTY11::c#String,
CUSTOMPROPERTY13::patronymicName#String,
CUSTOMPROPERTY14::mail#String,
CUSTOMPROPERTY15::company#String,
CUSTOMPROPERTY16::division#String,
CUSTOMPROPERTY17::extensionAttribute1#date,
CUSTOMPROPERTY18::extensionAttribute2#String,
CUSTOMPROPERTY19::extensionAttribute5#String,
CUSTOMPROPERTY20::extensionAttribute6#String,
CUSTOMPROPERTY21::extensionAttribute12#String,
CUSTOMPROPERTY22::countryCode#String,
CUSTOMPROPERTY24::manager#String,
CUSTOMPROPERTY25::houseIdentifier#String,
CUSTOMPROPERTY26::physicalDeliveryOfficeName#String,
CUSTOMPROPERTY27::userPrincipalName#String,
CUSTOMPROPERTY28::distinguishedName#String,
CUSTOMPROPERTY30::useraccountControl#String,
RECONCILATION_FIELD::ACCOUNTID,ACCOUNTID::objectGUID#Binary]

CREATEACCOUNTJSON :

{
"objectClass": [
"top",
"person",
"organizationalPerson",
"user"
],
"accountExpires": "0",
"cn": "${user.username}",
"co": "FR",
"displayName": "${user.displayname}",
"employeeID": "${user.username}",
"employeeNumber": "1",
"employeeType": "EXTERNE",
"givenName": "${user.firstname}",
"l": "Paris",
"mail": "${user.email}",
"name": "${user.displayname}",
"physicalDeliveryOfficeName": "EW123456",
"manager": "${user.owner}",
"pwdLastSet": "0",
"sn": "${user.lastname}",
"st": "paris",
"streetAddress": "street",
"title": "Comptable",
"sAMAccountName": "${user.username}",
"userAccountControl": 512
}

 

I have the automated and instant provisionning enabledi nthe SSM.

ray_2-1709144678441.png

Can anyone help identify the issue please? I have the impression that the provisionning is not triggered for account creation.

Regards,

Ray

 

0 Kudos
7 REPLIES 7

Go to solution
CR
Regular Contributor III
Regular Contributor III

‎02/28/2024 06:42 PM

@ray  can you try your payload use '?' and add it and confirm all

example:

"givenName": "${user?.firstname}",


Thanks,
Raghu
If this reply answered your question, Please Accept As Solution and hit Kudos.

Go to solution
rushikeshvartak
All-Star
All-Star

‎02/28/2024 07:01 PM

Can you share logs


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.
0 Kudos

Go to solution
ray
Regular Contributor
Regular Contributor
In response to rushikeshvartak

‎02/28/2024 11:44 PM - edited ‎02/29/2024 12:42 AM

please find logs attahed.

Job name :AD_Test_createUser

thank you in advance,

Ray

Preview file
2011 KB
0 Kudos

Go to solution
SumathiSomala
All-Star
All-Star

‎02/28/2024 10:43 PM

@ray Which error you are getting and share the logs to identify the cause.

 

Regards,
Sumathi Somala
If this reply answered your question, please Accept As Solution and give Kudos.
0 Kudos

Go to solution
ray
Regular Contributor
Regular Contributor
In response to SumathiSomala

‎02/28/2024 11:47 PM

i shared the logs, so what is happening is :

i navigate to manage access for others and i request new account for a external user created from user create form. then i complete the task.
I start the reconciliation job that ends with success but without importing the account created.

ray_0-1709192818165.png

 



0 Kudos

Go to solution
ray
Regular Contributor
Regular Contributor
In response to SumathiSomala

‎02/29/2024 03:22 AM

new logs 

Preview file
1922 KB
0 Kudos

Go to solution
ray
Regular Contributor
Regular Contributor

‎02/29/2024 06:35 AM

it is working now, i used this for example 
{
"accountExpires": "0",
"cn": "${user.username}",
"co": "FR",
"displayName": "${user.displayname}",
"employeeID": "${user.username}",
"employeeNumber": "1",
"employeeType": "EXTERNE",
"givenName": "${user.firstname}",
"l": "Paris",
"mail": "${user.email}",
"name": "${user.displayname}",
"objectClass": ["top", "person", "organizationalPerson", "user"],
"physicalDeliveryOfficeName": "Building A",
"pwdLastSet": "0",
"sAMAccountName": "${user.username}",
"sn": "${user.lastname}",
"st": "paris",
"streetAddress": "street",
"title": "Comptable",
"unicodePwd": "InitialPassword123!",
"userAccountControl": 512,
"userPrincipalName": "${user.customproperty21}"
}

0 Kudos
Copyright © 2024 Khoros, LLC