Saviynt unveils its cutting-edge Intelligence Suite products to revolutionize Identity Security!
Click HERE to see how Saviynt Intelligence is transforming the industry. Saviynt Copilot Icon
This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

LDAP: error code 21 - 00000057: LdapErr: DSID-0C0911BC, comment: Error in attribute conversion opera

Sushma
New Contributor
New Contributor

‎12/05/2023 04:22 AM

Hi All,

We are getting below LDAP error while creating an AD account.

Please check below error and create account json respextively.

Error-

Checking DN for CN=VEGA\, BRANDON [1234567],OU=Employee,OU=Active Users,OU=Managed Users,OU=Managed Objects,OU=Zone-example,DC=abc,DC=loc,DC=com.Not FOund DN for CN=VEGA\, BRANDON [32225139],OU=Employee,OU=Active Users,OU=Managed Users,OU=Managed Objects,OU=Zone-example,DC=abc,DC=loc,DC=com. Error while creating account in AD - [LDAP: error code 21 - 00000057: LdapErr: DSID-0C0911BC, comment: Error in attribute conversion operation, data 0, v3839]

 

Create account JSON-

${
Map map1 = new HashMap();
map1.put("sn",user.lastname);
if((null!=user.employeeType)&&(user.employeeType=='Internal Employee')&&(user.customproperty42!=null)&&(user.customproperty42!=''))map1.put("sn",user.customproperty42);
if((null!=user.employeeType)&&(user.employeeType!='Internal Employee'))map1.put("sn",user.lastname);
if((null!=user.employeeType)&&(user.employeeType!='Internal Employee')&&(user.customproperty14.equals('Wholesalers BDR'))&&(user.companyname.equals('Wholesaler')))map1.put("mail",user.firstname.replaceAll(' ','')+'.'+user.lastname.replaceAll(' ','')+'-ext@example.com');
if((null!=user.employeeType)&&(user.employeeType=='Internal Employee')&&(user.customproperty41!=null)&&(user.customproperty41!=''))map1.put("givenName",user.customproperty41);
if((null!=user.employeeType)&&(user.employeeType!='Internal Employee'))map1.put("givenName",user.firstname);
if((null!=user.employeeType)&&(user.employeeType=='Internal Employee'))map1.put("physicalDeliveryOfficeName",user.customproperty56);
if((null!=user.employeeType)&&(user.employeeType!='Internal Employee'))map1.put("physicalDeliveryOfficeName",user.customproperty25);
map1.put("countryCode",user.customproperty6);
if(null!=user.country)map1.put("c",user.country);
if((null!=user.employeeType)&&(user.employeeType=='Internal Employee'))map1.put("company",user.customproperty54);
if((null!=user.employeeType)&&(user.employeeType!='Internal Employee'))map1.put("company",user.companyname);
map1.put("postalCode",user.customproperty31);
if((null!=user.employeeType)&&(user.employeeType=='Internal Employee'))map1.put("department",user.customproperty51);
if((null!=user.employeeType)&&(user.employeeType!='Internal Employee'))map1.put("department",user.departmentname);
if((null!=user.employeeType)&&(user.employeeType=='Internal Employee'))map1.put("streetAddress",user.street);
if((null!=user.employeeType)&&(user.employeeType!='Internal Employee'))map1.put("streetAddress",user.customproperty22);
map1.put("mobile",user.secondaryPhone);
map1.put("co",user.customproperty4);
if((null!=user.employeeType)&&(user.employeeType=='Internal Employee'))map1.put("title",user.jobcodedesc);
if((null!=user.employeeType)&&(user.employeeType!='Internal Employee'))map1.put("title",user.title);
map1.put("telephoneNumber",user.phonenumber);
map1.put("l",user.city);
map1.put("sAMAccountname",user.username);
if((null!=user.employeeType)&&(user.employeeType=='Internal Employee'))map1.put("employeeType",'Managed Employee');
if((null!=user.employeeType)&&(user.employeeType!='Internal Employee'))map1.put("employeeType",user.employeeType);
if(null!=managerAccount)map1.put("manager",managerAccount.customproperty33.replace('\\', '###UNESCAPEBACKSLASH###'));
map1.put("objectclass",['top','person','organizationalPerson','user']);
map1.put("instanceType",'4');
map1.put("pwdLastSet",'0');
map1.put("comment",'Saviynt Managed');
map1.put("objectCategory",'CN=Person,CN=Schema,CN=Configuration,DC=ABC,DC=COM');
if((null!=user.employeeType)&&(user.employeeType=='Internal Employee')&&(user.customproperty41!=null)&&(user.customproperty41!='')&&(user.customproperty42!=null)&&(user.customproperty42!=''))map1.put("displayName",user.customproperty42+', '+user.customproperty41);
if((null!=user.employeeType)&&(user.employeeType!='Internal Employee'))map1.put("displayName",user.lastname+', '+user.firstname+'('+user.regioncode+'-V)'); if(null!=user.employeeType)map1.put("userPrincipalName",user.username+'@example.com');
if((null!=user.employeeType)&&(user.employeeType=='Internal Employee'))map1.put("extensionAttribute1",'example');
if((null!=user.employeeType)&&(user.employeeType!='Internal Employee'))map1.put("extensionAttribute1",'example-ext');
if((null!=user.employeeType)&&(user.employeeType=='Internal Employee'))map1.put("proxyAddresses",'smtp:'+user.username+'@example.mail.onmicrosoft.com');
if((null!=user.enddate)&&(user.employeeType!='Internal Employee'))map1.put("accountExpires",Long.toString(10000*(user.enddate.getTime() + 11644473600000+122400000)));
if((null!=user.employeeType)&&(user.employeeType=='Internal Employee'))map1.put("accountExpires",'0');
if((null!=user.employeeType)&&(user.employeeType=='Internal Employee'))map1.put("targetAddress",'smtp:'+user.username+'@example.mail.onmicrosoft.com');
if((null!=user.employeeType)&&(user.employeeType=='Internal Employee'))map1.put("mailNickname",user.username);
jsonBuilder = new groovy.json.JsonBuilder(map1);
return jsonBuilder.toString();
}

 

Labels:
0 Kudos
4 REPLIES 4

Ankky
Regular Contributor
Regular Contributor

‎12/05/2023 05:07 AM

Hi @Sushma ,

This error usually occurs when you try to update an attribute with different data type than what it is expecting. Since you are getting error for comment field, I would suggest you to validate if 'comment' field exists in AD and it is of String type.

0 Kudos

Sushma
New Contributor
New Contributor

‎12/05/2023 06:07 AM

Hi Ankky,

Thank you for the response.

Comment field exists and we are passing static value(string type). And it's working for other users.

 

 

 

0 Kudos

Ankky
Regular Contributor
Regular Contributor
In response to Sushma

‎12/05/2023 06:24 AM

Have you added any new attribute in the json? If yes, try to remove that from the create account json.

0 Kudos

Sushma
New Contributor
New Contributor

‎12/05/2023 06:49 AM

Hi Ankky,

I have found that we are not passing any value in  "countrycode" in AD.For this user, country code was present somehow and I have removed the same and retriggered the task. It's success now.

 

So if we pass null instead of value (map1.put("countryCode",user.customproperty6); this will resolve the problem for future users.

And thank you for your quick response.

 

0 Kudos
Copyright © 2024 Khoros, LLC