Saviynt unveils its cutting-edge Intelligence Suite products to revolutionize Identity Security!
Click HERE to see how Saviynt Intelligence is transforming the industry.
This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
We have a requirement to automatically change a user's password to a randomly generated one upon onboarding. This new password should also update their Active Directory password and be sent to the user via email.
Even after the change password task is getting completed the password is not updated in AD , I checked in the accounts tabled lastpasswordchange attribute is also not changed.
Yes, I have checked the logs. Now I could see Accounts.lastpasswordchange is getting updated but the password is still not getting updated in AD. Could you provide what should be in the connect Jason At present I am using this "pwdLastSet": "account.LASTPASSWORDCHANGE" in Create account Jason.
Please share the logs & JSON in text file for easier debugging. Additionally, provide the task ID, error details, or specific line numbers where the issues occur to help us review the relevant sections efficiently.
⚠️ Important: Do not upload attachments containing sensitive information, such as IP addresses, URLs, company/employee names, or email addresses. For more information, refer to the Saviynt PII Policy.
Regards, Rushikesh Vartak If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.
Random password is getting generated and but task is getting completed with an error "Error while change password operation for account-fc1502dev in AD - [LDAP: error code 53 - 0000052D: SvcErr: DSID-031A126C, problem 5003 (WILL_NOT_PERFORM), data 0 ]"
Insufficient Permissions: Ensure that the user account performing the operation has the necessary permissions for the requested action.
Password Policy Violations: If the operation involves user account modifications (like password changes), check if it violates any password policies (e.g., complexity, history).
Account Restrictions: The account you’re trying to modify or access might be disabled or restricted. Make sure the account is enabled and meets any necessary conditions.
LDAP Schema Constraints: Check for any schema constraints that might prevent the operation. This can include things like required attributes not being provided.
Domain Controller Issues: If you're working in a multi-domain environment, ensure that the domain controller you're connecting to is functioning properly and is up-to-date.
Regards, Rushikesh Vartak If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.
I used this "pwdLastSet":"${account.LASTPASSWORDCHANGE != null ? new java.text.SimpleDateFormat('yyyyMMddHHmmss.SSSZ').format(account.LASTPASSWORDCHANGE) : ''}". But in AD instead of updating the date it is updating the attribute value to never.
Hello, Thank you for your response. When we are changing the password it is wiping off the existing value and updating as (never). Is there a way we can set when Saviynt generates random password it should be minimum 8 characters as currently when random password is getting generated it is of 6 characters.
In email template "TO" i am using ${user.email} for receiver email but I want to send to a different email which is stored in customproperty. I am using ${user.cutomproperty6} but not getting the email.
when I am using ${user.email} I am receiving the email but i am using ${user.customproperty6} I am not receiving email though I have put my email in customproperty6.
