We are delighted to share our new EIC Delivery Methodology for efficiently managing Saviynt Implementations and delivering quick time to value. CLICK HERE.

LDAP: error code 34 when provisioning AD accounts

ram81
New Contributor II
New Contributor II

When attempting to provision an AD account via the AD connector I am receiving the following error message. I have also included the account name rule and create account JSON both redacted. 

[LDAP: error code 34 - 00002081: NameErr: DSID-03050F42, problem 2003 (BAD_ATT_SYNTAX), data 0, best match of: 'CN=FIM1234,OU=Users,OU=IdentityManagement,DC=connectedtoAD,DC=net' ]

----------------------------------------------------------------------------

Create Account JSON:

{
"cn": "${cn}",
"displayname": "${user.displayname}",
"givenname": "${user.firstname}",
"mail": "${user.email}",
"name": "${user.displayname}",
"objectClass": [
"top",
"person",
"organizationalPerson",
"user"
],
"userAccountControl": "544",
"sAMAccountName": "${user.username}",
"sn": "${user.lastname}",
}

-----------------------------------------------------------------------------

AccountNameRule

CN=FIM${user.username},OU=Users,OU=IdentityManagement,DC=connectedtoAD,DC=net

 

2 REPLIES 2

rushikeshvartak
All-Star
All-Star

{
"cn": "${cn}",
"displayname": "${user.displayname}",
"givenname": "${user.firstname}",
"mail": "${user.email}",
"name": "${user.displayname}",
"objectClass": [
"top",
"person",
"organizationalPerson",
"user"
],
"userAccountControl": "544",
"sAMAccountName": "${user.username}",
"sn": "${user.lastname}"
}


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

ram81
New Contributor II
New Contributor II

Thanks @rushikeshvartak but I found the solution. See below. 

Removing the CN resolved the issue. 

{
"displayname": "${user.displayname}",
"givenname": "${user.firstname}",
"mail": "${user.email}",
"name": "${user.displayname}",
"objectClass": [
"top",
"person",
"organizationalPerson",
"user"
],
"userAccountControl": "544",
"sAMAccountName": "${user.username}",
"sn": "${user.lastname}"
}