Click HERE to see how Saviynt Intelligence is transforming the industry. |
06/16/2024 11:15 PM
Hi Team,
When creating an OUD account, the object class [top, st-person] is included. We tried to add another objectclass [st-login] for that OUD account, but it threw an error below.
Error:
"2024-06-17T05:30:56.925+00:00","ecm-worker","ldap.SaviyntGroovyLdapService","quartzScheduler_Worker-8-pvpzx","DEBUG","JSON to be used for Update Account-{"
"2024-06-17T05:30:57.538+00:00","ecm-worker","","null-pvpzx",""," "employeenumber":"${user.username}","
"2024-06-17T05:30:57.538+00:00","ecm-worker","","null-pvpzx",""," "givenName":"${user.firstname}","
"2024-06-17T05:30:57.538+00:00","ecm-worker","","null-pvpzx",""," "objectClass":["
"2024-06-17T05:30:57.538+00:00","ecm-worker","","null-pvpzx",""," "top","
"2024-06-17T05:30:57.538+00:00","ecm-worker","","null-pvpzx",""," "st-person","
"2024-06-17T05:30:57.538+00:00","ecm-worker","","null-pvpzx",""," "st-login""
"2024-06-17T05:30:57.538+00:00","ecm-worker","","null-pvpzx",""," ],"
"2024-06-17T05:30:57.538+00:00","ecm-worker","","null-pvpzx",""," "sn":"${user.lastname}","
"2024-06-17T05:30:57.538+00:00","ecm-worker","","null-pvpzx",""," "st-entrystatus":"A""
"2024-06-17T05:30:57.538+00:00","ecm-worker","","null-pvpzx","","}"
"2024-06-17T05:30:56.925+00:00","ecm-worker","ldap.SaviyntGroovyLdapService","quartzScheduler_Worker-8-pvpzx","DEBUG","Binding Map-[ServiceAccountOwnerMap:[:], endpointsObj:STOUDDEV, entitlementValuesObj:null, manager:344583, usersObj:344583, cn:ed131201, usersManagerObj:344583, managerAccount:null, userAttributesMap:[:], password:****, task:com.saviynt.ecm.task.ArsTasks : 1044, cnRDN:st-eduid=ed131201, requestAccessAttributes:[:], user:344583, account:ed131201, arstasksObj:com.saviynt.ecm.task.ArsTasks : 1044, accountsObj:ed131201]"
"2024-06-17T05:30:56.926+00:00","ecm-worker","ldap.SaviyntGroovyLdapService","quartzScheduler_Worker-8-pvpzx","DEBUG","movetoUserou in updateLDAPAccount null"
"2024-06-17T05:30:56.927+00:00","ecm-worker","ldap.SaviyntGroovyLdapService","quartzScheduler_Worker-8-pvpzx","DEBUG","DataMap-[st-entrystatus:A, employeenumber:344583, givenName:GOMEZ, objectClass:[top, st-person, st-login], sn:Francisco]"
"2024-06-17T05:30:56.927+00:00","ecm-worker","ldap.SaviyntGroovyLdapService","quartzScheduler_Worker-8-pvpzx","DEBUG","Enter isADConnection"
"2024-06-17T05:30:56.927+00:00","ecm-worker","ldap.SaviyntGroovyLdapService","quartzScheduler_Worker-8-pvpzx","DEBUG","External connection is :: STOUDDEV"
"2024-06-17T05:30:56.927+00:00","ecm-worker","ldap.SaviyntGroovyLdapService","quartzScheduler_Worker-8-pvpzx","DEBUG","Connection is LDAP.. Setting to FALSE"
"2024-06-17T05:30:56.927+00:00","ecm-worker","ldap.SaviyntGroovyLdapService","quartzScheduler_Worker-8-pvpzx","DEBUG","isadconnection = false"
"2024-06-17T05:30:56.927+00:00","ecm-worker","ldap.SaviyntGroovyLdapService","quartzScheduler_Worker-8-pvpzx","DEBUG","Exit isADConnection"
"2024-06-17T05:30:56.927+00:00","ecm-worker","ldap.SaviyntGroovyLdapService","quartzScheduler_Worker-8-pvpzx","DEBUG","escapeddn = st-eduid=ed131201,ou=people,dc=st,dc=com"
"2024-06-17T05:30:57.128+00:00","ecm-worker","ldap.SaviyntGroovyLdapService","quartzScheduler_Worker-8-pvpzx","DEBUG","LDAP Account Attrs-[employeetype:st, st-entrystatus:A, employeenumber:344583, givenname:GOMEZ, st-eduid:ed131201, dn:st-eduid=ed131201,ou=people,dc=st,dc=com, sn:Francisco, objectclass:[top, st-person]]"
"2024-06-17T05:30:57.130+00:00","ecm-worker","ldap.SaviyntGroovyLdapService","quartzScheduler_Worker-8-pvpzx","DEBUG","readOperationalAttributes = null"
"2024-06-17T05:30:57.130+00:00","ecm-worker","ldap.SaviyntGroovyLdapService","quartzScheduler_Worker-8-pvpzx","DEBUG","datamapval:null"
"2024-06-17T05:30:57.130+00:00","ecm-worker","ldap.SaviyntGroovyLdapService","quartzScheduler_Worker-8-pvpzx","DEBUG","excludedAttributesForPasswordBinding:null"
"2024-06-17T05:30:57.130+00:00","ecm-worker","ldap.SaviyntGroovyLdapService","quartzScheduler_Worker-8-pvpzx","DEBUG","excludedAttributesForPasswordBinding:null"
"2024-06-17T05:30:57.130+00:00","ecm-worker","ldap.SaviyntGroovyLdapService","quartzScheduler_Worker-8-pvpzx","DEBUG","excludedAttributesForPasswordBinding:null"
"2024-06-17T05:30:57.130+00:00","ecm-worker","ldap.SaviyntGroovyLdapService","quartzScheduler_Worker-8-pvpzx","DEBUG","dataList-[top, st-person, st-login]"
"2024-06-17T05:30:57.130+00:00","ecm-worker","ldap.SaviyntGroovyLdapService","quartzScheduler_Worker-8-pvpzx","DEBUG","excludedAttributesForPasswordBinding:null"
"2024-06-17T05:30:57.131+00:00","ecm-worker","ldap.SaviyntGroovyLdapService","quartzScheduler_Worker-8-pvpzx","DEBUG","values2beAdded (lowercased) = [st-login]"
"2024-06-17T05:30:57.131+00:00","ecm-worker","ldap.SaviyntGroovyLdapService","quartzScheduler_Worker-8-pvpzx","DEBUG","Exception in processItemsforModification"
"2024-06-17T05:30:57.538+00:00","ecm-worker","","null-pvpzx","","groovy.lang.MissingMethodException: No signature of method: java.util.LinkedHashMap.equalsIgnoreCase() is applicable for argument types: (java.lang.String) values: [proxyAddresses] at com.saviynt.ldap.SaviyntGroovyLdapService$_processItemsforModification_closure126.doCall(SaviyntGroovyLdapService.groovy:9771) at com.saviynt.ldap.SaviyntGroovyLdapService.processItemsforModification(SaviyntGroovyLdapService.groovy:9770) at com.saviynt.ldap.SaviyntGroovyLdapService$_updateLDAPAccount_closure79.doCall(SaviyntGroovyLdapService.groovy:7158) at com.saviynt.ldap.SaviyntGroovyLdapService.updateLDAPAccount(SaviyntGroovyLdapService.groovy:7083) at com.saviynt.ldap.SaviyntGroovyLdapService$_updateAccountGLDAP_closure7.doCall(SaviyntGroovyLdapService.groovy:2667) at com.saviynt.ldap.SaviyntGroovyLdapService.updateAccountGLDAP(SaviyntGroovyLdapService.groovy:2236) at com.saviynt.ecm.services.ArsTaskService.updateAccountTarget(ArsTaskService.groovy:11424) at com.saviynt.ecm.services.ArsTaskHelperService$_whenTaskTypeIsTwelveUpdateAccount_closure46.doCall(ArsTaskHelperService.groovy:2890) at com.saviynt.ecm.services.ArsTaskHelperService.whenTaskTypeIsTwelveUpdateAccount(ArsTaskHelperService.groovy:2880) at com.saviynt.ecm.services.ArsTaskHelperService$_completeAutoProvTasksUpgraded_closure1.doCall(ArsTaskHelperService.groovy:200) at com.saviynt.ecm.services.ArsTaskHelperService.completeAutoProvTasksUpgraded(ArsTaskHelperService.groovy:160) at MultipleProvisioningJob.execute(MultipleProvisioningJob.groovy:222) at org.quartz.core.JobRunShell.run(JobRunShell.java:199) at org.quartz.simpl.SimpleThreadPool$WorkerThread.run(SimpleThreadPool.java:546)"
"2024-06-17T05:30:57.131+00:00","ecm-worker","ldap.SaviyntGroovyLdapService","quartzScheduler_Worker-8-pvpzx","DEBUG","excludedAttributesForPasswordBinding:null"
--proxyAddresses: this does not include in OUD schema.
CreateaccountJSON:
{
"employeenumber":"${user.username}",
"givenName":"${user.firstname}",
"objectClass":[
"top",
"st-person"
],
"sn":"${user.lastname}",
"st-entrystatus":"${user.customproperty1}"
}
UpdateaccountJSON:
{
"employeenumber":"${user.username}",
"givenName":"${user.firstname}",
"objectClass":[
"top",
"st-person",
"st-login"
],
"sn":"${user.lastname}",
"st-entrystatus":"${user.customproperty1}"
}
I require assistance with this problem.
Thanks
06/16/2024 11:58 PM
Hi @sureshchalla , As per logs i see an error while changing the password, are you also trying to change user password?
06/17/2024 12:16 AM - edited 06/17/2024 12:17 AM
YES,
I saw that error.
ERROR","Error occured while changing password"
"2024-06-17T05:30:58.540+00:00","ecm-worker","","null-pvpzx","","javax.naming.directory.SchemaViolationException: [LDAP: error code 65 - Entry st-eduid=ed131201,ou=people,dc=st,dc=com cannot not be modified because the resulting entry would have violated the server schema: Entry st-eduid=ed131201,ou=people,dc=st,dc=com violates the Directory Server schema configuration because it includes attribute userPassword which is not allowed by any of the objectclasses defined in that entry]; remaining name 'st-eduid=ed131201,ou=people,dc=st,dc=com'
What is the reason for this error?
06/17/2024 12:20 AM
can you share your resetandchange password json?
06/17/2024 12:21 AM
RESETANDCHANGEPASSWRDJSON:
{
"userPassword": "${randomPassword}"
}
06/17/2024 12:28 AM
@sureshchalla , try "UnicodePwd" once..
06/17/2024 12:48 AM
I tried,
{
"RESET": {
"pwdLastSet": "-1",
"title": "reset password changed"
},
"CHANGE": {
"title": "change password changed",
"pwdLastSet": "-1",
"UnicodePwd": "${randomPassword}"
}
}
06/17/2024 01:49 AM
@sureshchalla , when you try to set password in create account does that work?
error -Directory Server schema configuration because it includes attribute userPassword which is not allowed by any of the objectclasses defined in that entry];
try to remove the last object class [st-login] and the try .. instead of unicodePwd use userPassword only
06/21/2024 05:29 AM
We are facing the same problem.
06/21/2024 05:54 AM
Does it works directly from oud