We are delighted to share our new EIC Delivery Methodology for efficiently managing Saviynt Implementations and delivering quick time to value. CLICK HERE.

ADSI - UpdateAccountJSON reads script as plain text

kunal_saxena
New Contributor III
New Contributor III

Hi,

We have configured UpdateAccountJSON in ADSI connection. Within the JSON, we are specifying the distinguishedName property as "distinguishedName": "${account.accountID?.replace('\\', '\\\\')?.replace('/', '\\/')}"

This is as per the documentation: https://docs.saviyntcloud.com/bundle/ADSI-v55x/page/Content/Configuring-the-Integration-for-Provisio...

UpdateAccountJSON:

 

 

{
    "objects": [
        {
            "objectClasses": [
                "user"
            ],
            "distinguishedName": "${account.accountID?.replace('\\', '\\\\')?.replace('/','\\/')}",
            "attributes": {
                "postalcode": "${user?.location}",
                "st": "${user?.state}",
                "l": "${user?.city}",
                "streetAddress": "${user?.street}",
                "mail": "${user?.email}",
                "sn": "${user?.lastname}",
                "givenName": "${user?.firstname}",
                "middleName": "${user?.middlename}",
                "telephonenumber": "${user?.phonenumber}"
            }
        }
    ]
}

However, on executing the Update account task we are getting the following error:

Error while update account in AD : { "status": "Failure", "failedObjects": [ { "id": "${account.accountID?.replace('\\', '\\\\')?.replace('/', '\\/')}", "status": "Failure", "message": "${account.accountID?.replace('\\', '\\\\')?.replace('/', '\\/')} does not exist.", "messageCodes": "OBJ_ERR_MSG_00002" } ], "connectionString": "LDAP://abc.com:389" }

FYI - I also tried the solution mentioned here but it did not work. Got the similar error.

Has anyone came across this issue ? Anyone has a working JSON for this use case ?

 
Thanks,
Kunal
8 REPLIES 8

Rajesh-R
Saviynt Employee
Saviynt Employee

@kunal_saxena - Could you try the following:

"distinguishedName": "${account?.accountID.replace('\\', '\\\\').replace('/', '\\/')}",

Thanks
Rajesh Ramalingam
Saviynt India

SumathiSomala
All-Star
All-Star

@kunal_saxena Could you please try below

"distinguishedName":"${task.accountKey.accountID?.replace('\\', '\\\\')?.replace('/', '\\/')}"

 

Regards,
Sumathi Somala
If this reply answered your question, please Accept As Solution and give Kudos.

kunal_saxena
New Contributor III
New Contributor III

Hi @Rajesh-R @SumathiSomala , Thank you for your prompt response. I have tried both options and have received similar error:

{ "status": "Failure", "failedObjects": [ { "id": "${account?.accountID.replace('\\', '\\\\')?.replace('/', '\\/')}", "status": "Failure", "message": "${account?.accountID.replace('\\', '\\\\')?.replace('/', '\\/')} does not exist.", "messageCodes": "OBJ_ERR_MSG_00002" } ], "connectionString": "LDAP://abc.com:389" }

{ "status": "Failure", "failedObjects": [ { "id": "${task.accountKey.accountID?.replace('\\', '\\\\')?.replace('/', '\\/')}", "status": "Failure", "message": "${task.accountKey.accountID?.replace('\\', '\\\\')?.replace('/', '\\/')} does not exist.", "messageCodes": "OBJ_ERR_MSG_00002" } ], "connectionString": "LDAP://abc.com:389" }

So far, I have tried the following options, but no success so far:

"distinguishedName": "${account?.accountID.replace('\\', '\\\\')?.replace('/','\\/')}"
"distinguishedName": "${arstasksObj?.accountName.replace('\\', '\\\\')?.replace('/','\\/')}"
"distinguishedName": "${accountID?.replace('\\', '\\\\')?.replace('/','\\/')}"
"distinguishedName":"${task.accountKey.accountID?.replace('\\', '\\\\')?.replace('/', '\\/')}"

Thanks,

Kunal

Rajesh-R
Saviynt Employee
Saviynt Employee

@kunal_saxena  Could you please try with replaceAll instead of replace.


Thanks
Rajesh Ramalingam
Saviynt India

@Rajesh-R - Now, I am getting a different error:

{ "status": "Failure", "failedObjects": [ { "id": "${account?.accountID.replaceAll('\\', '\\\\').replaceAll('/','\\/')}", "status": "Failure", "message": "Invalid object class.", "messageCodes": "OBJ_ERR_00014" } ], "connectionString": "LDAP://abc.com:389" }

Rajesh-R
Saviynt Employee
Saviynt Employee

@kunal_saxena  - Please check the objectClasses of the User. Do you want to update the objectClasses too? Otherwise just try the below:

{
    "objects": [
        {
            "distinguishedName": "${account.accountID?.replaceAll('\\', '\\\\')?.replaceAll('/','\\/')}",
            "attributes": {
                "postalcode": "${user?.location}",
                "st": "${user?.state}",
                "l": "${user?.city}",
                "streetAddress": "${user?.street}",
                "mail": "${user?.email}",
                "sn": "${user?.lastname}",
                "givenName": "${user?.firstname}",
                "middleName": "${user?.middlename}",
                "telephonenumber": "${user?.phonenumber}"
            }
        }
    ]
}

 


Thanks
Rajesh Ramalingam
Saviynt India

kunal_saxena
New Contributor III
New Contributor III

Hi @Rajesh-R , Looks like it is mandatory to provide objectClasses in UpdateAccountJSON. On removing objectClasses from JSON, I am getting this error:

Error while update account in AD : { "status": "Failure", "failedObjects": [ { "status": "Failure", "message": "'objectClasses' and 'distinguishedName' are mandatory attributes.", "messageCodes": "OBJ_ERR_MSG_00001" } ], "connectionString": "LDAP://abc.com:389" }

Also, objectClasses seems to not be a problem. When I provide the objectClasses and provide a hardcoded accountID, the Update account task works. Example:

{
	"objects": [{
		"objectClasses": ["user"],
		"distinguishedName": "CN=testing user,CN=Users,DC=abc,DC=com",
		"attributes": {
			"sn": "${user?.lastname}"
		}
	}]
}

 The problem as stated in the original post is with script being read as plain text:

"id": "${account.accountID?.replaceAll('\\', '\\\\')?.replaceAll('/','\\/')}", "status": "Failure", "message": "${account.accountID?.replaceAll('\\', '\\\\')?.replaceAll('/','\\/')} does not exist."

kunal_saxena
New Contributor III
New Contributor III

The issue got resolved by using: accountsObj?.accountID.replace('\\', '\\\\')?.replace('/', '\\/')

Example:

{
	"objects": [{
		"objectClasses": ["user"],
		"distinguishedName": "${accountsObj?.accountID.replace('\\', '\\\\')?.replace('/', '\\/')}",
		"attributes": {
			"sn": "${user?.lastname}"
		}
	}]
}