
problem 5003 (WILL_NOT_PERFORM) When enabling AD account

IAM
New Contributor III

This does not happen to all users but for many users we get the below error when enabling their AD accounts.

SAV-Error while enabling account,[LDAP: error code 53 - 00002077: SvcErr: DSID-031903D2, problem 5003 (WILL_NOT_PERFORM), data 0 ] SAV-Error while enabling account,[LDAP: error code 53 - 00002077:

This is what we have in ENABLEACCOUNTJSON:

{
"USEDNFROMACCOUNT":"YES",
"MOVEDN":"YES",
"ATTRIBUTESTOCHECK":{"samaccountname":"${task.accountName}"},
"AFTERMOVEACTIONS":
{
"c":"${user.customproperty12}",
"co":"${user.country}",
"countrycode":"${user.customproperty19}",
"department":"${user.departmentname}",
"departmentnumber":"${user.locationnumber}",
"displayname":"${user.customproperty16}",
"division":"${user.customproperty15}",
"employeetype":"${user.employeeType}",
"extensionattribute12":"Active",
"givenname":"${user.firstname}",
"l":"${user.city}",
"manager":"${user.customproperty1}",
"postalCode":"${user.customproperty11}",
"sn":"${user.lastname}",
"st":"${user.customproperty10 != null ? user.customproperty10 : user.customproperty9}",
"streetAddress":"${user.street}",
"title":"${user.title}",
"userAccountControl":"512",
"description":"${user.costcenter + ' - ' + user.title}",
"initials":"${user.middlename != null ? user.middlename.substring(0,1) : ''}",
"accountExpires":"${if(user.customproperty58!=null) {10000 * (new java.text.SimpleDateFormat('yyyy-MM-dd').parse(user.customproperty58).getTime()+11644578000000)} else {'0'}}",
"physicaldeliveryofficename":"${user.customproperty33}"
},
"ENABLEACCOUNTOU":"${user.customproperty27}"
}

 

 


SumathiSomala
All-Star

Please share the error logs.

Also check the permissions assigned to the service account used in the connection.

53 LDAP_UNWILLING_TO_PERFORM

Indicates that the LDAP server cannot process the request because of server-defined restrictions. This error is returned for the following reasons: The add entry request violates the server's structure rules...OR...The modify attribute request specifies attributes that users cannot modify...OR...Password restrictions prevent the action...OR...Connection restrictions prevent the action.

Regards,
Sumathi Somala
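Added example, not part of the original thread and not Saviynt code: a small Python parser for the Active Directory diagnostic string quoted in the question. It splits the string into the LDAP result code, the Win32 error code, the DSID and the problem number, then groups failed tasks by that signature so the affected accounts can be compared. The task ids, the code 50 line and its DSID placeholder in the sample are constructed.

```python
import re
from collections import Counter

# Layout of the diagnostic text AD attaches to an LDAP result (see the error above).
AD_DIAG = re.compile(
    r"LDAP: error code (?P<ldap>\d+) - (?P<win32>[0-9A-Fa-f]{8}): "
    r"(?P<kind>\w+): DSID-(?P<dsid>[0-9A-Fa-f]+), "
    r"problem (?P<problem>\d+) \((?P<name>\w+)\), data (?P<data>-?[0-9A-Fa-f]+)"
)

# Names for the codes used in the sample (LDAP result codes, Windows system errors).
LDAP_RESULTS = {50: "insufficientAccessRights", 53: "unwillingToPerform"}
WIN32_ERRORS = {0x5: "ERROR_ACCESS_DENIED", 0x2077: "ERROR_DS_ILLEGAL_MOD_OPERATION"}


def parse_ad_error(message):
    """Return the first AD diagnostic found in `message` as a dict, or None."""
    m = AD_DIAG.search(message)
    if m is None:
        return None
    ldap, win32 = int(m["ldap"]), int(m["win32"], 16)
    return {
        "ldap_code": ldap,
        "ldap_name": LDAP_RESULTS.get(ldap, "unknown"),
        "win32_code": win32,
        "win32_name": WIN32_ERRORS.get(win32, "unknown"),
        "dsid": m["dsid"].upper(),
        "problem": int(m["problem"]),
        "problem_name": m["name"],
    }


def group_failures(lines):
    """Count failed tasks per (LDAP code, Win32 code, DSID) signature."""
    counts = Counter()
    for line in lines:
        err = parse_ad_error(line)
        if err:
            counts[(err["ldap_code"], err["win32_code"], err["dsid"])] += 1
    return counts


# Constructed sample: the error from the question plus one contrasting failure.
PAGE_ERR = ("SAV-Error while enabling account,[LDAP: error code 53 - 00002077: "
            "SvcErr: DSID-031903D2, problem 5003 (WILL_NOT_PERFORM), data 0 ]")
SAMPLE = ["task=1001 " + PAGE_ERR, "task=1002 account enabled", "task=1003 " + PAGE_ERR,
          "task=1004 SAV-Error while enabling account,[LDAP: error code 50 - 00000005: "
          "SecErr: DSID-00000000, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0 ]"]
```

A single signature across all failing tasks points to one shared cause, while a code 50 signature would point at the service account permissions mentioned in the reply rather than at a server-side restriction.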