Click HERE to see how Saviynt Intelligence is transforming the industry. |
07/30/2024 11:17 AM
Upon checking for UPN uniqueness in AD connector using the below logic:
{"userPrincipalName": "${if(type.equals('Service Account')) {prefix+'-'+term+'-Svc'+task.endpoint?.customproperty1} else {prefix+'-RES0001'+task.endpoint?.customproperty1}}###${if(type.equals('Service Account')) {prefix+'-'+term+'-Svc'+task.endpoint?.customproperty1} else {prefix+'-RES0002'+task.endpoint?.customproperty1}}"}
I am getting the below error:
07/30/2024 09:03 PM
{
"userPrincipalName": "${if(type.equals('Service Account')) {prefix+'-'+term+'-Svc'+task.endpoint?.customproperty1} else {prefix+'-RES0001'+task.endpoint?.customproperty1}}###${if(type.equals('Service Account')) {prefix+'-'+term+'-Svc'+task.endpoint?.customproperty1} else {prefix+'-RES0002'+task.endpoint?.customproperty1}}"
}
07/30/2024 09:14 PM
@rushikeshvartakThanks for you response, I have used the same logic as mentioned in my question as well. I don't see any difference in your JSON and the mine which is not working for me.
07/30/2024 09:25 PM
Could you kindly provide a detailed snapshot of the information extracted from the logs, encompassing errors and other pertinent functionality details encountered during the execution of this process? Your assistance in furnishing this information would greatly aid in the analysis and resolution of any issues .
‼️‼️⚠️Do not upload any attachments that contain sensitive information, such as IP Addresses, URLs, Company/Employee Names, Email Addresses, etc.⚠️‼️‼️
07/30/2024 09:29 PM
@rushikeshvartak logs are attached in the my initial query as well, pasting it here again:
07/30/2024 11:08 PM
Looking for logs in text file with to check all details
07/30/2024 11:17 PM
Hi @ShubhamBabbar , can you share your account name rule?
07/31/2024 12:10 AM
@NM
AccountNameRule: CN=${if(type.equals('Service Account')) {prefix + '-' + term.replaceAll(',','') + '-Service,' + task.endpoint?.customproperty2} else {prefix+' '+resourceType+' '+termResource.replaceAll(',','')+','+ task.endpoint?.customproperty3 }}
@rushikeshvartak PFA logs
07/31/2024 09:32 AM
Does user already exists ?
"2024-07-31T07:06:47.004+00:00","ecm-worker","ldap.SaviyntGroovyLdapService","quartzScheduler_Worker-17-ggr94","ERROR","Error while creating account in AD - [LDAP: error code 68 - 00000524: UpdErr: DSID-031A11FA, problem 6005 (ENTRY_EXISTS), data 0"
07/31/2024 09:38 AM
@rushikeshvartak Yes A2-RES0001@domain.com UPN exists in a different OU in the same directory thats why check for unique should use the second option A2-RES0002@domain.com
07/31/2024 10:11 AM
Hi @ShubhamBabbar , in short you are trying to create an account in an different OU and once you did a check based on UPN it was able to find an account in different OU but didn't use incremental rule defined in checkforunique right?
07/31/2024 11:56 PM
That is correct @NM
08/01/2024 10:03 PM
What is your base DN ?