Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.
This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Issue with Secondary LDAP Account Creation

Go to solution
tuhink
New Contributor II
New Contributor II

‎02/12/2024 08:27 PM

Trying to create a secondary LDAP account ( security system,endpoint,connection is same) for a user. The unique attribute is different which is set up as to create like uid=account/uid=account1/uid=account2 in the same ldap schema. Though the 2nd account is generating distinct DN/uid(account1) which can seen in the logs, still its throwing error while completing the New Account Task. The primary account (1st Account) is created as uid=Account,cn=users,dc=domain,dc=com.
 
ACCOUNTNAMERULE:
 
uid=${if(user.employeeType.equals('Condition1')){user.username} else if (user.employeeType.equals('Condition2')){user.customproperty2}else{user.firstname.concat(' ').concat(user.lastname)}},cn=users,dc=domain,dc=com###uid=${if(user.employeeType.equals('Condition1')){user.username} else if (user.employeeType.equals('Condition2')){user.customproperty2}else{user.firstname.concat(' ').concat(user.lastname)}}1,cn=users,dc=domain,dc=com###uid=${if(user.employeeType.equals('Condition1')){user.username} else if (user.employeeType.equals('Condition2')){user.customproperty2}else{user.firstname.concat(' ').concat(user.lastname)}}2,cn=users,dc=domain,dc=com
 
CHECKFORUNIQUE:
{"uid":"${if(user.employeeType.equals('Condition1')){user.username} else if (user.employeeType.equals('Condition2')){user.customproperty2}else{user.firstname.concat(' ').concat(user.lastname)}}"}###{"uid":"${if(user.employeeType.equals('Condition1')){user.username.concat('1')} else if (user.employeeType.equals('Condition2')){user.customproperty2.concat('1')}else{user.firstname.concat(' ').concat(user.lastname).concat('1')}}"}###{"uid":"${if(user.employeeType.equals('Condition1')){user.username.concat('2')} else if (user.employeeType.equals('Condition2')){user.customproperty2.concat('2')}else{user.firstname.concat(' ').concat(user.lastname).concat('2')}}"}
 
 
CREATEACCOUNTJSON:
{
  "uid": "${uid}",
  "cn": "${user.firstname.concat(' ').concat(user.lastname)}",
  "pos": "${user.title?user.title:''}",
  "ou": "${user.departmentname?user.departmentname:''}",
  "displayname": "${user.displayname}",
  "deal": "${user.customproperty6?user.customproperty6:''}",
  "employeenumber": "${user.username}",
  "employeetype": "${user.employeeType?user.employeeType:''}",
  "givenName": "${user.firstname}",
  "no": "${user.username}",
  "mail": "${user.email?user.email:''}",
  "name": "${user.displayname}",
  "objectClass": [
    "top",
    "person",
    "organizationalPerson",
"ePerson",
"inetOrgPerson"
  ],
  "mobile": "${user.phonenumber?user.phonenumber:''}",
  "sn": "${user.lastname}",
  "l": "${user.customproperty1?user.customproperty1:''}",
  "manager": "${managerAccount!=null ? managerAccount.accountID: ''}",
  "UnicodePwd": "Password!1"
}
 
 
Logs:
 
"2024-02-12T14:10:52.486+00:00","ecm-worker","ldap.SaviyntGroovyLdapService","quartzScheduler_Worker-5-czmr7","DEBUG","[uid=Account,cn=users,dc=domain,dc=com] found in target"
"2024-02-12T14:10:52.486+00:00","ecm-worker","ldap.SaviyntGroovyLdapService","quartzScheduler_Worker-5-czmr7","DEBUG","Checking DN for [uid=Account1,cn=users,dc=domain,dc=com] in target"
"2024-02-12T14:10:52.486+00:00","ecm-worker","ldap.SaviyntGroovyLdapService","quartzScheduler_Worker-5-czmr7","DEBUG","Enter isADConnection"
"2024-02-12T14:10:52.486+00:00","ecm-worker","ldap.SaviyntGroovyLdapService","quartzScheduler_Worker-5-czmr7","DEBUG","External connection is :: ConnectionName"
"2024-02-12T14:10:52.487+00:00","ecm-worker","ldap.SaviyntGroovyLdapService","quartzScheduler_Worker-5-czmr7","DEBUG","Connection is LDAP.. Setting to FALSE"
"2024-02-12T14:10:52.487+00:00","ecm-worker","ldap.SaviyntGroovyLdapService","quartzScheduler_Worker-5-czmr7","DEBUG","isadconnection = false"
"2024-02-12T14:10:52.487+00:00","ecm-worker","ldap.SaviyntGroovyLdapService","quartzScheduler_Worker-5-czmr7","DEBUG","Exit isADConnection"
"2024-02-12T14:10:52.487+00:00","ecm-worker","ldap.SaviyntGroovyLdapService","quartzScheduler_Worker-5-czmr7","DEBUG","modifieddn  = uid=Account1,cn=users,dc=domain,dc=com"
"2024-02-12T14:10:52.648+00:00","ecm-worker","ldap.SaviyntGroovyLdapService","quartzScheduler_Worker-5-czmr7","DEBUG","[uid=Account1,cn=users,dc=domain,dc=com] not found in target"
"2024-02-12T14:10:52.889+00:00","ecm-worker","ldap.SaviyntGroovyLdapService","quartzScheduler_Worker-5-czmr7","DEBUG","Enter readAttributeValue"
"2024-02-12T14:10:52.889+00:00","ecm-worker","ldap.SaviyntGroovyLdapService","quartzScheduler_Worker-5-czmr7","DEBUG","attribute to be read = REUSEINACTIVEACCOUNT"
"2024-02-12T14:10:52.890+00:00","ecm-worker","ldap.SaviyntGroovyLdapService","quartzScheduler_Worker-5-czmr7","DEBUG","attrValue = FALSE"
"2024-02-12T14:10:52.890+00:00","ecm-worker","ldap.SaviyntGroovyLdapService","quartzScheduler_Worker-5-czmr7","DEBUG","Exit readAttributeValue"
"2024-02-12T14:10:52.890+00:00","ecm-worker","ldap.SaviyntGroovyLdapService","quartzScheduler_Worker-5-czmr7","ERROR","Error while creating account - 0200064 removing tasks from the list,Could not find a unique uid to provision  "
Labels:
0 Kudos
1 REPLY 1

Go to solution
tuhink
New Contributor II
New Contributor II

‎02/13/2024 07:16 AM

Issue resolved.It was occurring due some unique attribute in target.

0 Kudos
Copyright © 2024 Khoros, LLC