and more in a single search tool across platforms. Read the announcement here. |
02/05/2024 05:01 AM
We have an LDAP connector and we are using CreateaccountJSON to create account in the target LDAP.
We have a requirement to pass objectSID at the time of account creation or update the account later with objectSID value. Basically, we are storing an objectSID on user profile from one LDAP connection and on the other LDAP connection we have use the objectSID from user profile while creating the account in second LDAP directory.
While provisioning account to target we are getting error in Saviynt "[LDAP: error code 53 - 000020E7: SvcErr: DSID-03153AD5, problem 5003 (WILL_NOT_PERFORM)"
This could be because of the format of objectSID, here is one of the example of objectSID: S-1-5-21-733604390-2946160440-742942679-281075.
How can i pass the objectSID value from Saviynt to provision the account on target LDAP?
02/05/2024 07:40 PM
ensure that your LDAP server supports the modification of the objectSid attribute during account creation.
02/05/2024 09:28 PM
We did verified it and LDAP server supports it. As per the current process, client is already doing it and we have to replace that with Saviynt.
02/05/2024 09:58 PM
Provide json
02/06/2024 01:07 AM
{ "displayname":"${if(user?.displayname!=null && user?.displayname!=''){user?.displayname}else{''}}", "givenname":"${if(user?.firstname!=null && user?.firstname!=''){user?.firstname}else{''}}", "sn":"${if(user?.lastname!=null && user?.lastname!=''){user?.lastname}else{''}}", "mail":"${user.email}", "cn":"${cn}", "name":"${user.username}", "objectClass":["top","person","organizationalPerson","userProxyFull"], "objectSid":"S-1-5-21-733604390-2946160440-742942679-281075", "uid":"${user?.username}", "title":"${if(user?.title!=null && user?.title!=''){user?.title}else{''}}", "preferredLanguage":"${if(user?.customproperty1!=null && user?.customproperty1!=''){user?.customproperty1}else{''}}", "userPrincipalName":"${user.username + '@vcnqalab.dsqalab.volvo.net'}", "department":"${if(user?.departmentname!=null && user?.departmentname!=''){user?.departmentname}else{''}}", "postalCode":"${if(user?.customproperty4!=null && user?.customproperty4!=''){user?.customproperty4}else{''}}", "street":"${if(user?.street!=null && user?.street!=''){user?.street}else{''}}" }
02/06/2024 08:50 PM
Does hardcoded works from saviynt ?
{
"displayname": "${if(user?.displayname!=null && user?.displayname!=''){user?.displayname}else{''}}",
"givenname": "${if(user?.firstname!=null && user?.firstname!=''){user?.firstname}else{''}}",
"sn": "${if(user?.lastname!=null && user?.lastname!=''){user?.lastname}else{''}}",
"mail": "${user.email}",
"cn": "${cn}",
"name": "${user.username}",
"objectClass": ["top","person","organizationalPerson","userProxyFull"],
"objectSid": "S-1-5-21-733604390-2946160440-742942679-281075",
"uid": "${user?.username}",
"title": "${if(user?.title!=null && user?.title!=''){user?.title}else{''}}",
"preferredLanguage": "${if(user?.customproperty1!=null && user?.customproperty1!=''){user?.customproperty1}else{''}}",
"userPrincipalName": "${user.username + '@vcnqalab.dsqalab.volvo.net'}",
"department": "${if(user?.departmentname!=null && user?.departmentname!=''){user?.departmentname}else{''}}",
"postalCode": "${if(user?.customproperty4!=null && user?.customproperty4!=''){user?.customproperty4}else{''}}",
"street": "${if(user?.street!=null && user?.street!=''){user?.street}else{''}}"
}
02/06/2024 11:26 PM
I think it does works. Anyhow, I have tried to get it from user customproperty also, but still did not worked