Announcing the SAVIYNT KNOWLEDGE EXCHANGE unifying the Saviynt forums, documentation, training, and more in a single search tool across platforms. Click HERE to read the Announcement.

Ldap error code 53

rameshm
New Contributor III
New Contributor III
We are getting LDAP error code 53 response, when trying to process create account task.
 
Checking DN for CN=EXT10086,DC=lux-test,DC=intra,DC=lighting,DC=com.Not FOund DN for CN=EXT10086,DC=lux-test,DC=intra,DC=lighting,DC=com. Error while creating account in AD - [LDAP: error code 53 - 0000001F: SvcErr: DSID-031A124C, problem 5003 (WILL_NOT_PERFORM), data 0 ]\
 
Below JSON is what I have configured in createAccountJSON
 
{
"sAMAccountName": "${user.username}",
"sn": "${user.lastname}",
"employeeID": "${user.employeeid}",
"co": "${user.country}",
"c": "${user.customproperty9}",
"givenName": "${user.firstname}",
"extensionAttribute12": "user.customproperty12",
"extensionAttribute13": "${user.costcenter}",
"extensionAttribute15": "${user.employeeclass}",
"businessCategory": "${user.customproperty8}",
"extensionAttribute2": "${user.customproperty1}",
"displayname": "${''+user.firstname+' '+user.lastname}";
"cn": "${cn}",
"l": "${user.city}",
"title": "${user.title}",
"mobile": "${user.secondaryPhone}",
"otherTelephone": "${user.phonenumber}",
"physicalDeliveryOfficeName": "${user.locationnumber}",
"postalCode": "${user.regioncode}",
"st": "${user.state}",
"streetAddress": "${user.street}",
"department": "${user.departmentname}",
"departmentNumber": "${user.departmentNumber}",
"employeeType": "${user.employeeType}",
"company": "${user.companyname}",
"mail": "${user.email}",
"userPrincipalName": "${cn}",
"userAccountControl": "512",
"manager": "${managerAccount?.accountID}",
"objectclass": [
"top",
"person",
"organizationalPerson",
"user"
]
}
 
Can you please help to identify, what is causing this error
 
Thanks,
Ramesh
1 REPLY 1

sudeshjaiswal
Saviynt Employee
Saviynt Employee

Hello @rameshm

Is it a new implementation,

Here are the steps to address the provisioning issues you are facing:

Step 1:
Please verify that the service account being used for the connections has sufficient privileges to perform CRUD operations in Active Directory (AD). It should have the necessary permissions for creating, modifying, and deleting user accounts.

Step 2:
Ensure that your `create-account` JSON includes all the mandatory attributes required for provisioning in AD, such as the `manager` attribute and `departmentNumber`. Based on the error logs you provided, it appears that these attributes are missing. Please refer to the documentation provided below for the specific attributes required and modify your JSON accordingly.

Step 3:
Are you using an SSL connection? From the error, it looks like you are using a non-ssl connection and AD is not supporting a non-SSL connection

Sample Json:-

{

  "co": "${user.country}",

  "department": "${user.costcenter}",

  "description": "Created through Saviynt",

  "displayname": "${user.displayname}",

  "division": "${user.departmentNumber}",

  "employeeID": "${user.employeeid}",

  "employeeType": "${user.employeeType}",

  "givenName": "${user.firstname}",

  "info": "Assoc Nbr: ${user.employeeid} Operator ID: ${user.systemUserName} Service Date: ${user.customproperty51} Role: ${user.jobcodedesc}",

  "l": "${user.city}",

  "mail": "${user.email}",

  "mobile": "${user.customproperty8}",

  "otherTelephone": "${user.customproperty14}",

  "postalCode": "${user.customproperty5}",

  "sAMAccountName": "${user.systemUserName}",

  "sn": "${user.lastname}",

  "st": "${user.state}",

  "streetAddress": "${user.street}",

  "telephoneNumber": "${user.phonenumber}",

  "thumbnailPhoto": "${user.customproperty65}",

  "title": "${user.title}",

  "userPrincipalName": "${user.systemUserName}@cerncd.com",

  "objectClass": [

    "top",

    "person",

    "organizationalPerson",

    "user"

  ]



Note: The mapping provided in this example JSON is for illustration purposes only. It should be adjusted according to your specific system/setting requirements.

If you find the above response useful, Kindly Mark it as "Accept As Solution".