We are delighted to share our new EIC Delivery Methodology for efficiently managing Saviynt Implementations and delivering quick time to value. CLICK HERE.

Issue with Secondary LDAP Account Creation

tuhink
New Contributor II
New Contributor II
Trying to create a secondary LDAP account ( security system,endpoint,connection is same) for a user. The unique attribute is different which is set up as to create like uid=account/uid=account1/uid=account2 in the same ldap schema. Though the 2nd account is generating distinct DN/uid(account1) which can seen in the logs, still its throwing error while completing the New Account Task. The primary account (1st Account) is created as uid=Account,cn=users,dc=domain,dc=com.
 
ACCOUNTNAMERULE:
 
uid=${if(user.employeeType.equals('Condition1')){user.username} else if (user.employeeType.equals('Condition2')){user.customproperty2}else{user.firstname.concat(' ').concat(user.lastname)}},cn=users,dc=domain,dc=com###uid=${if(user.employeeType.equals('Condition1')){user.username} else if (user.employeeType.equals('Condition2')){user.customproperty2}else{user.firstname.concat(' ').concat(user.lastname)}}1,cn=users,dc=domain,dc=com###uid=${if(user.employeeType.equals('Condition1')){user.username} else if (user.employeeType.equals('Condition2')){user.customproperty2}else{user.firstname.concat(' ').concat(user.lastname)}}2,cn=users,dc=domain,dc=com
 
CHECKFORUNIQUE:
{"uid":"${if(user.employeeType.equals('Condition1')){user.username} else if (user.employeeType.equals('Condition2')){user.customproperty2}else{user.firstname.concat(' ').concat(user.lastname)}}"}###{"uid":"${if(user.employeeType.equals('Condition1')){user.username.concat('1')} else if (user.employeeType.equals('Condition2')){user.customproperty2.concat('1')}else{user.firstname.concat(' ').concat(user.lastname).concat('1')}}"}###{"uid":"${if(user.employeeType.equals('Condition1')){user.username.concat('2')} else if (user.employeeType.equals('Condition2')){user.customproperty2.concat('2')}else{user.firstname.concat(' ').concat(user.lastname).concat('2')}}"}
 
 
CREATEACCOUNTJSON:
{
  "uid": "${uid}",
  "cn": "${user.firstname.concat(' ').concat(user.lastname)}",
  "pos": "${user.title?user.title:''}",
  "ou": "${user.departmentname?user.departmentname:''}",
  "displayname": "${user.displayname}",
  "deal": "${user.customproperty6?user.customproperty6:''}",
  "employeenumber": "${user.username}",
  "employeetype": "${user.employeeType?user.employeeType:''}",
  "givenName": "${user.firstname}",
  "no": "${user.username}",
  "mail": "${user.email?user.email:''}",
  "name": "${user.displayname}",
  "objectClass": [
    "top",
    "person",
    "organizationalPerson",
"ePerson",
"inetOrgPerson"
  ],
  "mobile": "${user.phonenumber?user.phonenumber:''}",
  "sn": "${user.lastname}",
  "l": "${user.customproperty1?user.customproperty1:''}",
  "manager": "${managerAccount!=null ? managerAccount.accountID: ''}",
  "UnicodePwd": "Password!1"
}
 
 
Logs:
 
"2024-02-12T14:10:52.486+00:00","ecm-worker","ldap.SaviyntGroovyLdapService","quartzScheduler_Worker-5-czmr7","DEBUG","[uid=Account,cn=users,dc=domain,dc=com] found in target"
"2024-02-12T14:10:52.486+00:00","ecm-worker","ldap.SaviyntGroovyLdapService","quartzScheduler_Worker-5-czmr7","DEBUG","Checking DN for [uid=Account1,cn=users,dc=domain,dc=com] in target"
"2024-02-12T14:10:52.486+00:00","ecm-worker","ldap.SaviyntGroovyLdapService","quartzScheduler_Worker-5-czmr7","DEBUG","Enter isADConnection"
"2024-02-12T14:10:52.486+00:00","ecm-worker","ldap.SaviyntGroovyLdapService","quartzScheduler_Worker-5-czmr7","DEBUG","External connection is :: ConnectionName"
"2024-02-12T14:10:52.487+00:00","ecm-worker","ldap.SaviyntGroovyLdapService","quartzScheduler_Worker-5-czmr7","DEBUG","Connection is LDAP.. Setting to FALSE"
"2024-02-12T14:10:52.487+00:00","ecm-worker","ldap.SaviyntGroovyLdapService","quartzScheduler_Worker-5-czmr7","DEBUG","isadconnection = false"
"2024-02-12T14:10:52.487+00:00","ecm-worker","ldap.SaviyntGroovyLdapService","quartzScheduler_Worker-5-czmr7","DEBUG","Exit isADConnection"
"2024-02-12T14:10:52.487+00:00","ecm-worker","ldap.SaviyntGroovyLdapService","quartzScheduler_Worker-5-czmr7","DEBUG","modifieddn  = uid=Account1,cn=users,dc=domain,dc=com"
"2024-02-12T14:10:52.648+00:00","ecm-worker","ldap.SaviyntGroovyLdapService","quartzScheduler_Worker-5-czmr7","DEBUG","[uid=Account1,cn=users,dc=domain,dc=com] not found in target"
"2024-02-12T14:10:52.889+00:00","ecm-worker","ldap.SaviyntGroovyLdapService","quartzScheduler_Worker-5-czmr7","DEBUG","Enter readAttributeValue"
"2024-02-12T14:10:52.889+00:00","ecm-worker","ldap.SaviyntGroovyLdapService","quartzScheduler_Worker-5-czmr7","DEBUG","attribute to be read = REUSEINACTIVEACCOUNT"
"2024-02-12T14:10:52.890+00:00","ecm-worker","ldap.SaviyntGroovyLdapService","quartzScheduler_Worker-5-czmr7","DEBUG","attrValue = FALSE"
"2024-02-12T14:10:52.890+00:00","ecm-worker","ldap.SaviyntGroovyLdapService","quartzScheduler_Worker-5-czmr7","DEBUG","Exit readAttributeValue"
"2024-02-12T14:10:52.890+00:00","ecm-worker","ldap.SaviyntGroovyLdapService","quartzScheduler_Worker-5-czmr7","ERROR","Error while creating account - 0200064 removing tasks from the list,Could not find a unique uid to provision  "
1 REPLY 1

tuhink
New Contributor II
New Contributor II

Issue resolved.It was occurring due some unique attribute in target.